Seagate faces employee lawsuit threat over phishing snafu

Suit claims that attackers began making immediate use of the stolen data

Seagate is being sued by its own employees following the leakage of personal details by the HR department.

Embarrassingly, back in the spring of this year, a Human Resources staff member at Seagate fell victim to a phishing scam and was tricked into giving away W-2 tax documents of past and current employees to the attacker (who posed as the CEO of the company, in a familiar turn of events these days).

Thousands of employees were affected by the error of judgement, which spilled crucial personal data that could put staff at potential risk from all manner of identity theft nastiness.

Obviously, when your details have been leaked through absolutely no fault of your own, that can be particularly frustrating, so it's not exactly surprising to see a suit being fired at Seagate, filed back in July as the Register reports.

See also: The 10 best PCs of 2016: which computer should you buy?

Immediate usage

The lawsuit claims that the data thieves are already using the pilfered details to their own nefarious ends, and indeed alleges that the criminals began to exploit the data "almost immediately" after the phishing attack happened, filing fraudulent tax returns in the names of some staff members.

The suit further observes that the victims will be at a "heightened risk of identity theft" for the rest of their lives – and so should be paid damages by Seagate.

The lawsuit states that: "Many employees and third-party victims have already suffered out-of-pocket costs attempting to rectify fraudulent tax returns and engaging services to monitor and protect their identity and credit."

Seagate, on the other hand, is arguing that it can't be held responsible for the actions of cybercriminals, and wants the case dismissed. If the motion to dismiss isn't carried, though, the matter will go forward to a jury trial.