American Senior Communities falls victim to W-2 phishing scam

FORT WAYNE, Ind. (WANE) – Employees of the senior living organization American Senior Communities have fallen victim to a W-2 phishing scam.

No resident’s personal health information was stolen, according to a statement. The organization came under fire last year when the former CEO, James Burkhart was arrested on laundering and fraud charges in October.

There are 10 community locations across the northeast Indiana region, including eight in Fort Wayne, one in Auburn and one in Markle.

The organization released the full statement below on Monday afternoon.

American Senior Communities (“ASC”) has discovered that its employees, like those in many other US companies this past year, have been the victims of a sophisticated and targeted phishing attack involving employee 2016 W2 forms issued in January 2017.  In mid-January 2017, offshore scammers posing as a high level ASC executive, requested copies via e-mail of employee’s W2s. The payroll processor responded to the authentic looking e-mail by furnishing the requested information. ASC did not know of the security incident and unauthorized release of information until February 17 as the result of reports from employees that their tax returns were being rejected because someone else had already filed on their behalf.

Upon learning of these events, ASC promptly notified the Criminal Investigation Division of the IRS, the Indiana Attorney General’s Office, the Indiana Department of Revenue and local law enforcement.  The company will continue to work with these authorities to resolve this unfortunate incident.

ASC began notifying its employees of the data theft on the same day it learned of the event and is setting up a toll free number to answer employees’ questions. All current and affected former employees will be provided, at ASC’s expense, free credit monitoring and reporting services as well as assistance with tax filing concerns.

No resident or personal health information was obtained during this attack.

ASC takes privacy seriously and deeply regrets that the incident occurred and offer our sincerest apologies to everyone affected.