Coronavirus scam stealing ‘hundreds of millions’ boosted by old data breaches

- Advertisement -
Credit reporting company Equifax Inc. corporate offices are pictured in Atlanta, Georgia, U.S., September 8, 2017. REUTERS/Tami Chappell

- Advertisement -
- Advertisement -
- Advertisement -

Credit reporting company Equifax had a data breach in which 146.6 million people’s data was exposed. Data breaches like this likely led to “hundreds of millions” in stolen unemployment benefits following coronavirus relief. REUTERS/Tami Chappell

Washington State paid out “hundreds of millions” in bogus unemployment benefits to scammers, according to the state’s Employment Security Department. The scam has likely hit numerous other states including Florida, Massachusetts, North Carolina, Oklahoma, Rhode Island, Wyoming, and most recently, Hawaii.

And according to Agari, the cybersecurity firm that identified the scammer and identified the attack on Hawaii, the scammers used personal information from previous data breaches.

Authorities aren’t sharing many details, but cybersecurity firm Agari says at least one group of Nigerian scammers called Scattered Canary is behind the heist in Washington and seven other states. Agari has been tracking Scattered Canary for a year.

The fraud, which leveraged the quick and needed response to the economic fallout, was an advanced operation that utilized fake W-2 scams to get new information to create false unemployment claims, Agari CEO Patrick Peterson told Yahoo Finance. In W-2 scams, a bad actor pretends to be from an employee’s company and emails the employee asking for personal information to fill out an updated W-2 form, which includes key data like Social Security numbers.

But Peterson told Yahoo Finance that the group utilized previously stolen data from other sources, something that Washington State’s Employment Security Department’s commissioner also said, citing breaches like the 2017 Equifax incident, in which 146.6 million Social Security numbers were breached.

“Our thesis is that the criminals are using data from previous hacks like Equifax, other large-scale hacks,” Peterson told Yahoo Finance.

Peterson was careful to say that they don’t yet have evidence that attributed the scam to one breach in particular, but Agari hopes to have more information on the source of the data the hackers used.

Scammers needed just four fields — Social Security number, name, address, and date of birth — for success, and previous breaches and swaths of data for sale on the dark web aided their operations. In the past few years, there have been many data breaches, compromising tons of consumer data, including LinkedIn in 2016 and Marriott in 2018.

A worker gives instructions to people waiting in cars, Saturday, May 16, 2020, during a walk- and drive-up job hiring fair in Seattle for the Outdoor Research's new line of face masks and other personal protection equipment the outdoor clothing maker has started manufacturing due to the coronavirus pandemic. OR managers were conducting job interviews on the spot and trying to fill about 150 positions related to the company's new line of PPE products. (AP Photo/Ted S. Warren)

View photos

A worker gives instructions to people waiting in cars, Saturday, May 16, 2020, during a walk- and drive-up job hiring fair in Seattle for the Outdoor Research’s new line of face masks and other personal protection equipment the outdoor clothing maker has started manufacturing due to the coronavirus pandemic. (AP Photo/Ted S. Warren)

Agari said that the scammers most likely used data that had already been breached and augmented it by other tactics like W-2 phishing to fill in missing information. And since the states waived verification, many people whose data was used by Scattered Canary were not even laid off.

This heist shows why data breaches are harmful

For the most part, hacks don’t directly affect people’s bank accounts, which is why most have trouble caring too much about the latest data breach. With breach after breach, consumers’ attitudes have dissolved into resignation.

With this heist, there’s a clear example of the damage that breaches can do besides the abstract possibilities of ID theft and credit card fraud. (Many judges in lawsuits against Equifax said consumers didn’t experience damages simply because they might be defrauded in the future). Because of this scam, Washington and other states are out a significant amount of taxpayer money, and more scams like this will likely emerge as the COVID crisis drags on.

Peterson said that it’s sad that we’ve become immune to breaches, and only pay attention if the number was a record — even though Equifax’s loss of info on almost half the country will probably stay a record.

“It feels like our data has been released so many times,” said Peterson. “Should we really care? Well, you can’t change your birthday, or your address unless you’re going to move, and changing your Social Security number is insanely difficult. When that info is out there, criminals really have the keys to the kingdom.”

This article was originally published on

Home of Science
Follow me

- Advertisement -




Duchess of Cornwall says Queen Consort title will help her causeson February 24, 2022 at 1:10 am

The Duchess of Cornwall tells the BBC she is on a lifelong campaign for domestic violence victims.

A missing game of Wordle helps end a 17-hour hostage ordealon February 10, 2022 at 2:48 pm

Police were alerted to a hostage situation when an 80-year-old woman failed to send her daily Wordle.

Spring Statement: Rishi Sunak vows to cut income tax before 2024 electionon March 23, 2022 at 2:33 pm

The chancellor also unveils a 5p fuel duty cut - but Labour says it is not enough to tackle the cost of living crisis.Image...

The Papers: ITV orders inquiry and university funding ‘broken’on June 1, 2023 at 4:45 am

The fallout from Phillip Schofield's resignation and a warning from university bosses lead the papersThe fallout from Phillip Schofield's resignation and a warning from...

Tesla stock rallies after report its California workers readying to return

Tesla Inc. TSLA, +10.15% shares jumped nearly 9% on Monday on the heels of a report saying the Silicon Valley car maker has told some workers at...
Home of Science
Follow me