Jump to content
  • Intuit notifies customers of hacked TurboTax accounts


    Karlston

    • 1.1k views
    • 3 minutes
     Share


    • 1.1k views
    • 3 minutes

    Intuit notifies customers of hacked TurboTax accounts

     

    Financial software company Intuit has notified TurboTax customers that some of their personal and financial information was accessed by attackers following what looks like a series of account takeover attacks.

     

    In a breach notification letter sent to affected customers earlier this month, the company said that this was not a "systemic data breach of Intuit."

     

    In account takeover attacks, cybercriminals gain access to their victims' accounts using credentials stolen from other online services following past data breaches.

     

    This type of attack works incredibly well against targets who use the same login credentials for multiple sites or services.

    TurboTax accounts hacked using reused credentials

    Intuit discovered during a security review that an undisclosed number of TurboTax accounts was breached and customer info was exposed. 

     

    The company's investigation revealed that the threat actors used credentials (usernames and passwords) obtained from "a non-Intuit source" to gain access to the accounts.

     

    "By accessing your account, the unauthorized party may have obtained information contained in a prior year's tax return or your current tax return in progress, such as your name, Social Security number, address(es), date of birth, driver's license number and financial information (e.g., salary and deductions), and information of other individuals contained in the tax return," Intuit explained.

     

    "We deeply regret that this incident may affect you. Intuit has taken various measures to help ensure that the accounts of affected customers are protected. We are notifying you so you can take steps to help protect your information," the company added.

     

    After discovering the attacks, Intuit temporarily disabled the breached TurboTax accounts. Users who had their accounts deactivated must contact Intuit's Customer Care department at 1-800-944-8596 and say "Security" when prompted.

     

    Afterward, Intuit employees will walk them through an identity verification procedure designed to help reactivate the accounts.

    Previous alerts of threat actors taking over TurboTax accounts

    This is not the first time attackers have successfully hacked into TurboTax users' accounts and stole financial and personal information.

     

    TurboTax customers were previously targeted in at least three other series of account takeover attacks in 2014/2015 and again in 2019.

     

    Just as after the previous three incidents, Intuit provides one year of free identity protection, credit monitoring, and Experian IdentityWorks identity restoration services to impacted customers.

     

    Intuit and TurboTax spokespersons were not available for comment when contacted by BleepingComputer earlier for further info on the breach dates and the number of impacted accounts.

     

     

    Intuit notifies customers of hacked TurboTax accounts


    User Feedback

    Recommended Comments

    There are no comments to display.



    Join the conversation

    You can post now and register later. If you have an account, sign in now to post with your account.
    Note: Your post will require moderator approval before it will be visible.

    Guest
    Add a comment...

    ×   Pasted as rich text.   Paste as plain text instead

      Only 75 emoji are allowed.

    ×   Your link has been automatically embedded.   Display as a link instead

    ×   Your previous content has been restored.   Clear editor

    ×   You cannot paste images directly. Upload or insert images from URL.


  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...