back to article Northrop Grumman can make a stealth bomber – but can't protect its workers' W-2 tax forms

Northrop Grumman has admitted one of its internal portals was broken into, exposing employees' sensitive tax records to miscreants. In a letter [PDF] to workers and the California Attorney General's office, the aerospace contractor said that between April 18, 2016 and March 29, 2017, crooks infiltrated the website, allowing …

  1. Mark 85

    Only "credit monitoring"????? I'd bet dollars to doughnuts that a lawyer could have a field day and nice class action lawsuit over the tax refunds part....

    1. Anonymous Coward
      Anonymous Coward

      I agree, then after they take their fee, the "class" will get a nice fat $.18 check and not much will have changed. Or, suppose they get some traction and make a good case, then a quick 18 hole golf engagement with the tax-evading, snake-oil president will clear the company of any wrong doing... so long as they do not score a better game than The Don. My advice; cut your losses, self-incorporate, then stick it to the man... the tax man. The tax man is the enemy of the current administration, yet that same administration is is charge of running the IRS. So, where is my middle class tax break again? Oh yeah, that's far back in line, well after the crooked president, his cronies, his family, his cronies families, their businesses, all their business and then some take their cut, and we'll pick through the bones that are left... or, like I said, become a corporation and fleece the government while they still have something valuable left to take! Stop being a victim of the tax man, and take a bite out of his sorry ass for once in your god damn life, people.

  2. Anonymous Coward
    Anonymous Coward

    Whose really to blame

    * Someone got a fat bonus for farming out the work. But isn't the greater problem here US Govt inability to simplify the tax code / IRS incompetence...

    * Having to file taxes is like some religious rite of passage in America. How is it other countries forgo it, especially for W2 employees. Also where money has to be refunded, why isn't there an option to lock-down a social and just take a discount on next year's taxes instead???

    * Lock the account down like a credit lockdown after fraud etc. Require an actual visit to a tax office to get it lifted etc. No tax refund, no identity theft etc.

    * Rebate fraud has been blossoming for a decade. No fix shows indifference / lack of imagination, except to a test of obedience everyone must bow to.

    * Everyone except mega-corps of course who make up their own rules, including claiming they're a person when it suits them for special cases!

    * The point here is, its the little guy that's getting hit. If it happened to a congressman or their children expect this to have been solved long ago....

  3. Anonymous Coward
    Anonymous Coward

    Another day another clusterfuck

    LinkedIn:....."Equifax Workforce Solutions is the trusted authority in HR, payroll and tax management and compliance. We are the exclusive source for the world's most comprehensive workforce data available today, empowering HR with true human capital insights to drive measureable business results.".....

    +

    Website..... "Equifax Workforce solutions that balance compliance with cost control and empower strategic HR through superior data assets that deliver human capital intelligence.".....

    ============================

    *** Hardly...You're just another mark for global hackers who are the ones really winning the data wars. But you should have known better, being part of mega-credit-control corp, who knows just how valuable this data is, especially if leaked! ***

  4. John Smith 19 Gold badge
    Unhappy

    Fine headline opportunity completely wasted

    "Northrop Grumman admits "Equifax tax portal shamelessly probed deep by identity thieves" "

    FTFY

    But do we know they are identity thieves?

    This is a pretty good start for anyone looking to identify and/or suborn staff on their classified projects.

    1. Korev Silver badge

      Re: Fine headline opportunity completely wasted

      Linkedin has ~56k Northrop Grumman employees; however they did make an active choice to put a profile up.

      1. John Smith 19 Gold badge
        Unhappy

        "Linkedin has ~56k Northrop Grumman employees;"

        True, but as you point out they chose to appear and I'm pretty sure their SSN or personal phone numbers are on there.

  5. Anonymous Coward
    Anonymous Coward

    Duh

    "According to Equifax, the portal was accessed not by hackers but by someone using stolen login details."

    So to make it "hacking" one has to use an arcane skill set or method? same banana, account got hacked period.

  6. Anonymous Coward
    Meh

    Now part of your job?

    The letter includes lines like "To order your free credit report..." and "We encourage you to remain vigilant by reviewing your account statements and monitoring your free credit reports."

    So the employees have to actively obtain and monitor their credit reports etc. Isn't that like a work-related safety activity since it is effort expended by the employee to prevent harm to themselves or their family as a consequence of their employment at Northrop? If my job required regular medical examinations (for example), I would expect to get those in the company's time. So, shouldn't the employees be compensated with extra pay or time off in lieu to cover this too?

  7. Stevie

    Bah!

    Azathoth on a Very Large Bike! Grumman did the telemetry on the Apollo moonshots FFS!

  8. Fatman

    NG employee portal """hacked""".

    It is for this very reason, I politely, but firmly decline to create a web portal account with my medical practitioners.

    Sorry, but I do not need that info floating out there in the cloud.

  9. Potemkine Silver badge

    QED

    It's harder to secure completely a whole IT infrastructure than designing and building a stealth bomber.

  10. Speltier

    Shock

    Threaten to publish names associated with salaries-- the execs would surely pay 200-300 bitcoin to avoid a fate this heinous. Plus, you can still rip off the employees' taxes, that is not part of the deal; the employees are handed the pitiful sop of a few years of credit reporting.

    Most companies try desperately to keep salaries a deep dark secret-- that guy dozing in the cube next to you could be making 30% more than you just pushing a few papers around occasionally. How much is avoiding expensive pay scale riots in the drone cube farm worth to the CEO? Or worse, civil war in the middle management ranks when the hypercompetitive wankers discover who is the mightiest wanker of them all (and it probably isn't the one in the mirror).

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like