By Sierra Marling, Charleston Gazette-Mail
NITRO, W.Va. — A single deceptive email triggered a citywide data breach in Nitro, exposing employee tax information and prompting a multi-agency investigation called “Project Papa.”
In July, the Gazette-Mail reported that the City of Nitro had fallen victim to a data breach. Newly obtained records through the Freedom of Information Act requests now provide a clearer picture of how the incident unfolded, the city’s response and the impact on affected employees.
Data breach
City records show the incident began when a city accounting employee received an email on Jan. 21 that appeared to come from “Dave Casebolt” — similar to Mayor David Casebolt’s name, but it was from a Gmail address instead of the city’s standard email addresses that end in cityofnitro.org.
The message read: “I hope you have not become too involved. Kindly copy me copies of 2024 W2 (PDF) of all staff for a quick review.”
The employee complied, sending a PDF labeled “W-2 forms 2024” containing employees’ names, addresses, Social Security numbers and tax withholding data — information that can be used to file fraudulent tax returns.
