COVID-19 may have made April 15 just another day on the calendar this year, but cybercriminals are still running W-2 tax form scams this time hitting Applications Software Technologies.

The San Diego-based firm discovered on March 9 that an unauthorized party had accessed the company by obtaining access to a company email account. The attacker essentially took over the email account, used it to request the employee’s 2019 W-2 data and then divert the information to themselves.

The company’s Notice of Data Breach sent to the California Attorney General’s office said a full scan of its system searching for any malware that may have been left behind by the intruder has turned up nothing. The company has also immediately started using MFA for its executives, human resources and financial staffers with the intention of rolling out the protective measure across the entire company in the coming weeks.

Typically, W-2 information is used to send in fraudulent tax returns with any money owed to the worker diverted to the criminal’s bank account. These forms also host a wealth of valuable personal information that can then be used for other criminal activities.