A top US law firm used by Google has verified it was hit by a data violation. Immigration law firm Fragomen, Del Rey, Bernsen & Loewy said that the breach saw the personal information of current and former Google employees impacted.
The company did not say precisely what data was accessed or how many employees were affected, but the firm looks after a wide spectrum of Google’s immigration law cases, signifying hundreds of workers could have had their data stolen. When interrogated by TechCrunch, Fragomen spokesperson Michael McNamara refused to say how many Google employees were impacted by the breach.
Google is yet to respond to a request for a remark. Fragomen plays a significant role in Google’s workforce, contributing validation screening services to specify if employees are eligible and authorized to work in the United States. All companies functioning in the United States are mandated to maintain a Form I-9 file on every employee to ensure that they are lawfully permitted to work and not subject to more restrictive immigration rules.
These Form I-9 files include a lot of sensitive information about the subject, as well as government documents such as passports, ID cards, and driver’s licenses. In its filing to the Attorney General, Fragomen said that the breach was driven by an unauthorized third party accessing a file that included such privately identifiable data on a “limited number” of current and former Google employees.
Both companies will expect that the incident is not too serious, as the repercussions for losing illegal of a data breach can be very expensive. A recent report from IBM found that falling victim to a data leakage can be devastating for a company’s reputation as well as to its bottom line, with each incident costing companies an average of $3.86m per infringement.