According to a statement provided by the company, “An employee received an email that appeared to have been sent by an officer of the company asking for employee W-2 information. In reality, this email was sent from an outside party using a common fraud tactic known as email spoofing/phishing and, as a consequence, personal employee information was disclosed externally … We believe that any person who received a W-2 from us in 2015 may be impacted, but this does not include those who provided a Form 1099.”
Phishing scams have been making headlines of late, successfully targeting companies like Snapchat. Ryman Hospitality Properties may have been the victim of one in particular that raised enough red flags to garner significant media attention.
The company says it is “working aggressively to investigate all aspects of the situation” and it is apologizing for the incident. “We take the privacy of our employees’ personal information very seriously, and while we had controls in place to prevent this sort of leak, they did not work in this instance,” the statement says. “Our primary focus now is to work aggressively to ensure this never happens again, and we have an entire response team working toward this aim.”
Affected employees are being provided with identity theft protection and credit monitoring services at no cost.
A company rep confirms that some musicians were affected, but it is unclear whether they include any Grand Ole Opry cast members. Billboard reached out to reps for several Opry members on March 28, all of whom said they were not aware of the breach.