A phishing email scam has forced data storage firm Seagate Technology to disclose private employee information.
Tax information, including Social Security numbers and salaries, for all current and former U.S.-based employees was sent to an unauthorized third party last week, the Cupertino-based company told CNBC in an e-mailed statement.
"The information was sent by an employee who believed the phishing email was a legitimate internal company request...At this point, we have no information to suggest that employee data has been misused, but caution and vigilance are in order."
Seagate added that it had immediately notified the Internal Revenue Service (IRS), which is now actively investigating it along with federal law enforcement.
Seagate also provided affected employees with a two-year membership to an identity theft protection service developed by Experian.
An individual's tax details are typically used by cyber criminals looking to scam the IRS.
"Fraudsters who perpetrate tax refund fraud prize [this] information because it contains virtually all of the data one would need to fraudulently file someone's taxes and request a large refund in their name," cyber security expert Brian Krebs, who first wrote about the data theft at Seagate, said in a blog post on Sunday.
Tax refund fraud was responsible for a nearly 50 percent increase in U.S. consumer identity theft complaints last year, he continued, citing official statistics.
Seagate said the IRS had immediately put a watch for fraudulent filings on all of the company's employees' accounts.
This report has been updated to reflect the fact that Seagate provided employees with an Experian product to help deal with the potential for identity theft.