A data breach of former members of staff of Google involving personal information has been confirmed by the immigration law firm Fragomen, Del Rey, Bernsen & Loewy.
The New York-based law firm provides companies with employment verification screening services to determine if employees are eligible and authorised to work in the United States of America.
Every company operating in the United States is required to maintain a Form I-9 file on every employee to ensure that they are legally allowed to work and not subject to more restrictive immigration rules. But Form I-9 files can contain a ton of sensitive information, including government documents like passports, ID cards and driver’s licenses, and other personally identifiable data, making them a target for hackers and identity thieves.
But the law firm said it discovered last month that an unauthorized third-party accessed a file containing personal information on a “limited number” of current and former Google employees.
In a notice with the California attorney general’s office, Fragomen did not say what kind of data was accessed or how many Google employees were affected. Companies with more than 500 California residents affected by a breach are required to submit a notice with the state’s attorney general’s office.
Michael McNamara, a spokesperson for Fragomen, declined to say how many Google employees were affected by the breach and TechCrunch who tried to contact Google’s spokesperson was met with silence.