There's a massive data breach you need to know about because your financial information, including your Social Security number, may have been stolen and used to access your tax records and salary information. You won't believe who's to blame.
At least 431,000 people are being alerted that they may be victims of this ongoing ordeal. But the number of people whose data was stolen could easily surpass 500,000.
Here's what we know so far. Last week, one of the nation’s largest grocery store chains alerted its 431,000 current and past employees to a possible theft of their W-2 information, resulting from a security breach at Equifax. That's one of the three major credit bureaus that keep track of your credit score.
Identity thieves stole workers’ tax and salary data from Equifax's W-2Express site and may have used it to file fraudulent tax returns.
This supermarket chain, Kroger, which owns many popular supermarkets like Fry's and Ralphs, has more than 431,000 employees who were registered to download their paperless W-2 forms through the portal. Kroger is likely only one of several victims of this breach. Meaning, there are probably other victims who have yet to alert their employees and customers.
Note: This is an important reminder to always change your password. Equifax's default login-PIN on its W-2Express, unbelievably, is the last four digits of a person's social security number and birth year. That makes it relatively easy to compromise.
Security experts strongly suggest changing any default password issued for any program as soon as you register. It is believed that employees who updated their Equifax passwords are not subject to the latest breach.
Kroger is one of the largest grocery retailers in the world. The company says they will work with Equifax and law enforcement officials to identify the affected employees and will provide free credit monitoring services. The grocery giant told employees they would know if they were victims of the breach if they received an IRS notice that a fraudulent refund request had been made in their name.
Keep reading Happening Now for the latest developments in this data breach, and all the day's tech stories that affect you.