Tyler ISD issues statement after employee W-2 forms sent in 'email spoofing attack'

TYLER, TX (KLTV) - The Tyler Independent School District has issued a statement after employees fell victim to an email attack that seeks W-2 information.

The district reportedly sent a letter to employees this week notifying them about W-2s that were sent outside the district.

The 'attack' has been sweeping across the country with reports from several states. The e-mail requesting W-2 information is commonly sent to a district employee under the superintendent's name asking for W-2s for the district.

Nearly a hundred firms and dozens of school districts have fallen for the e-mail. According to the Temple Daily Telegram, Belton ISD sent 1,700 W-2s to the email address that was believed to be the superintendent.

Friday afternoon, the district issued a statement on the incident.

"We recently discovered that our school district was the victim of an email spoofing attack on March 1, 2017, by an individual pretending to be our Superintendent. A request was made for all 2016 Tyler ISD employee W-2 information."

"Unfortunately, copies of all 2016 employee W-2 forms were provided before we discovered that the request was made from a fraudulent account by someone using the name and an email address that appeared to be from our Superintendent. We discovered the fraudulent nature of the request on March 1, 2017 and have been working tirelessly to investigate and to mitigate the impact of the attack."

"As part of our response, we are putting in place resources to protect those who may be impacted, and will be providing written notice to impacted individuals in the near future along with access to free credit monitoring and restoration services."

Our Raycom sister station WIS-TV in Columbia, South Carolina reported on a data breach in their district in January.

KLTV 7 has obtained a copy of the notice sent to employees of the Tyler school district:

According to the district memo sent on Friday, the district said they were made aware of the breach on Wednesday.

The breach only affects employees of the district in 2016, according to the memo.

The district said in the notice to employees that they will be providing "credit monitoring and restoration services" at no cost to the employee. The district has also set up a call center and said they will be notifying the FBI and state law enforcement for their assistance in investigating this 'attack.'

In the memo, the district said they do not believe any other networks in the district were compromised. The district said they will "continue and improve upon our information security awareness and training programs for all employees.

Copyright 2017 KLTV. All rights reserved.