Milwaukee Bucks hit by W-2 Phishing attack

Agents unhappy with communications about the incident from the team

milwaukee bucks
Peter Llewellyn-USA TODAY Sports

Players and staff with the Milwaukee Bucks had their 2015 W-2 records compromised, after a staffer with the NBA franchise released the records to an email address spoofed to appear as if it came from team president Peter Feigin.

In a statement last week, the team said they've reported the incident to the FBI and the IRS.

However, speaking to The Vertical (Yahoo Sports) at least one agent representing a player on the Bucks said the brief notice concerning the security incident is "unacceptable."

"The players need to know the exact measures being taken by the Bucks and the FBI to ensure each and every player's identity and financial information will not be compromised. There needs to be accountability for such a mistake, details on the steps taken to rectify it and a process put in place to make sure this never happens again," the agent said, during an interview with Shams Charania, who broke the story.

The data breach occurred in April, but wasn't discovered until May 16.

The records compromised include player and staff financials, such as names, addresses, Social Security numbers, date of birth, and total compensation packages.

Players and staff impacted by the incident will receive three years of credit monitoring and non-expiring identity restoration services. In addition, some office staff will receive additional awareness training.

"We believe this incident arose as a result of human error, and are providing additional privacy training to our staff and implementing additional preventative measures," a statement from the team explains.

Thousands of taxpayers have been affected by W-2 Phishing attacks this year, as more than a hundred organizations across the U.S. have been successfully targeted.

While the Bucks are the first sports team to go public with their experiences, you can be sure they're not the only team that's been targeted.

Copyright © 2016 IDG Communications, Inc.

7 hot cybersecurity trends (and 2 going cold)