Pivotal Software reports phishing attack, data breach

Pivotal Software reports a phishing attack, leading to the unauthorized disclosure of personal payroll information of several of its U.S. employees.

Pivotal Software, Inc. is a significant American multinational company providing cloud platform hosting and consulting services, with its headquarters in San Francisco. Pivotal became well-known for its contributions to cloud computing and big data solutions, including the Cloud Foundry for cloud applications. In December 2019, VMware acquired Pivotal, and since November 2023, it has been a part of Broadcom

The cybercriminals executed the scam by impersonating Pivotal's CEO, Rob Mee, and sending a deceptive email to employees requesting payroll data. The scam was successful when one employee, deceived by the email's authenticity, forwarded the W-2 tax information for all U.S. Pivotal employees to the attackers.

Pivotal acknowledged the breach late Thursday 21st of March in an internal memo and claims to have taken immediate action to address the situation. Pivotal states that no customer data was affected by this incident.

No details are disclosed about the number of affected individuals.

Employees are urged to file their tax returns promptly to prevent fraudulent claims. Additionally, the company has engaged an ID monitoring service to provide three years of protection for affected employees and established a call center hotline for support.