The small US Iowan city of Keokuk has disclosed that a cyber-criminal used a phishing scam to fraudulently obtain an electronic file containing the 2017 W-2 tax forms of current and former employees and elected officials.
"Upon learning of the incident, we commenced a prompt and thorough investigation, and the incident was reported to law enforcement; however, at this time, no suspect has been identified," reads an official statement from Keokuk, according to a 4 February report from Tri States Public Radio. "We have confirmed that the information obtained by the unauthorised party included only 2017 Form W-2s of employees and elected officials. No credit card or bank account information was involved."
With a population of a little over 10,000, Keokuk says that in response to the 30 January incident, it will offer affected individuals credit monitoring and ID theft protection services. City employees hired in 2018 are not impacted.