Beazley has launched a data breach rapid response service for its clients, specifically to aid those whose employee W-2 tax information has been hacked.
The insurer’s Beazley Breach Response (BBR) Services arrives as tax season goes full swing, with employees preparing their financial statements and reports.
The BBR Services team found that W-2-related breaches peak toward the beginning of the tax season. After stealing the tax information, cybercriminals often race to file false returns or even steal tax refunds before the victimized employees can react.
How are your wholesale brokers and MGAs performing? Take our Producers on Wholesale Partners survey!
“In 2016, the IRS reported more than a million fraudulent tax returns with $7.97 billion claimed in fraudulent refunds – and W-2’s are a rich source of information for those fake returns,” said Katherine Keefe, head of BBR Services.
“A successful attack generally begins with a spoofed email to an employee in the accounting, finance or HR department, usually presented as urgent. Appearing to come from an executive, sometimes bolstered by details the criminal has gleaned from LinkedIn or social media, the email leads the employee to supply PDFs of W-2 forms or other electronic payroll data.”
“When the attack succeeds, most or all of an organization’s employees are likely to have their data compromised. The employees typically experience immediate harm. And with other valuable data included on the W-2, criminals can continue to exploit it well beyond the tax reporting season,” Keefe added.
Beazley’s rapid response service allows the insurer to quickly assist clients whose data may have been compromised.
According to a release, Beazley’s service can assign legal counsel, set up a call center, and even help out with employee notification and assistance plans (which include credit monitoring).
“[Beazley Breach Response Services] has used its experience handling breaches and its extensive partner network to streamline the process for responding to this type of event,” a release said.
The insurer has collaborated with its vendor partners to come up with a cyber “rapid response” process. This allows a client to quickly notify its employees of a breach within a matter of hours of approving the notification templates and signing contracts with notification vendors.
“Rapid response is critical in these situations. We believe that we have created a unique resource will help our clients protect their employees and their data,” Keefe remarked.
Related stories:
Beazley appoints underwriter for new marine platform
Beazley overhauls signature cyber coverage