Virtual Event: Threat Detection and Incident Response Summit - Watch Sessions
Connect with us

Hi, what are you looking for?



Law Firm Says Google Employee Information Compromised in Data Breach

Fragomen, a law firm that provides Google with I-9 employment verification compliance services, says the personal information of some people was compromised in a recent data breach.

Fragomen, a law firm that provides Google with I-9 employment verification compliance services, says the personal information of some people was compromised in a recent data breach.

Established in 1951 and headquartered in New York, Fragomen provides employment verification screening services, helping organizations determine whether employees are eligible to be working in the United States. Fragomen provides such services to Google.

Form I-9 files that companies in the United States are required to maintain on each employee that is allowed to work in the country contain a variety of sensitive data, including copies of government-issued identification documents.

In a notice of data breach filed with California’s Office of the Attorney General, Fragomen is informing affected Google employees of a data breach that it discovered on September 24, and which has resulted in personal information being compromised.

“We are writing to inform you of an incident impacting a limited number of Googlers (and former Googlers) in which an unauthorized third party accessed a file containing your information,” the company writes in its notification.

Fragomen noted that it became aware of suspicious activity within its network, which prompted it to launch an investigation. On September 24, the company discovered that a file containing I-9-related data was compromised.

“While our investigation is ongoing, we discovered that an unauthorized third party gained access to a single file containing personal information relating to I-9 employment verification services. This file contained personal information for a discrete number of Googlers (and former Googlers), including you,” the notice reads.

Advertisement. Scroll to continue reading.

The law firm also said that the compromised file contained various amounts of personal information on the affected employees. The names of all affected individuals were included in the file, but the company has yet to provide details on what other types of information was compromised.

“While we have no evidence at this point in time that your information has been viewed, we wanted to notify you of this incident and assure you that we take it very seriously. We have taken steps in response to this incident, including implementing enhancements to our IT Security infrastructure and detection capabilities,” the company notes.

The number of affected users is not known at the moment, but SecurityWeek has reached out to both Fragomen and Google for additional details on the issue and will update this article if it receives a reply.

Related: Personal Information of 46,000 U.S. Veterans Exposed in Data Breach

Related: Freepik Discloses Data Breach Impacting 8.3 Million Users

Related: SANS Institute Says 28,000 User Records Exposed in Email Breach

Written By

Ionut Arghire is an international correspondent for SecurityWeek.

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

SecurityWeek’s Threat Detection and Incident Response Summit brings together security practitioners from around the world to share war stories on breaches, APT attacks and threat intelligence.


Securityweek’s CISO Forum will address issues and challenges that are top of mind for today’s security leaders and what the future looks like as chief defenders of the enterprise.


Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.


The changing nature of what we still generally call ransomware will continue through 2023, driven by three primary conditions.


Luxury retailer Neiman Marcus Group informed some customers last week that their online accounts had been breached by hackers.


As it evolves, web3 will contain and increase all the security issues of web2 – and perhaps add a few more.


A recently disclosed vBulletin vulnerability, which had a zero-day status for roughly two days last week, was exploited in a hacker attack targeting the...


Satellite TV giant Dish Network confirmed that a recent outage was the result of a cyberattack and admitted that data was stolen.


Zendesk is informing customers about a data breach that started with an SMS phishing campaign targeting the company’s employees.

CISO Strategy

SecurityWeek spoke with more than 300 cybersecurity experts to see what is bubbling beneath the surface, and examine how those evolving threats will present...