Crown Castle recently began notifying an undisclosed number of its U.S. employees that their payroll information may have been accessed by hackers.
On October 31, 2013, the company determined that an unknown person or persons bypassed Crown Castle’s security system and accessed an e-mail containing an attached payroll file that listed U.S. employee names, Social Security numbers and compensation.
“Our e-mail filtering and screening process helped to identify an irregularity in our e-mail system which prompted our investigation,” company president and CEO W. Benjamin Moreland wrote in the notification letter [PDF].
All those affected are being offered a free year of identity theft protection from Experian’s ProtectMyID Elite.
In response to the breach, Moreland wrote, the company is conducting a comprehensive internal investigation of the incident, hiring a forensic analyst to determine the cause and the scope of the incident and to further secure the network, reporting the incident to the FBI, developing training to enhance network security, and reviewing all systems, processes and policies to determine what additional steps can be taken to strengthen data security.