Snapchat posted a public apology to its employees this weekend, confirming the company had fallen for a phishing scam that revealed internal payroll information.

The scammers apparently sent an email to Snapchat’s payroll department impersonating the company’s Chief Executive Officer and requesting employee information. It worked, unfortunately. Snapchat noted that its servers weren’t breached, but some current and former employee identities were compromised.

The company quickly reported the incident to the FBI. Snapchat also contacted all affected employees, offering two years of identity-theft insurance and monitoring for free. Finally, it says it’s beefing up security efforts moving forward.

“To make good on that last point, we will redouble our already rigorous training programs around privacy and security in the coming weeks,” the company said. “Our hope is that we never have to write a blog post like this again.”

The company’s run into pretty bad security issues before, but at its current size a customer data breach could be pretty devastating.

Source Snapchat