[BreachExchange] TurboTax Hit with Cyberattack, Tax Returns Compromised

Destry Winant destry at riskbasedsecurity.com
Tue Feb 26 01:39:18 EST 2019


https://www.darkreading.com/threat-intelligence/turbotax-hit-with-cyberattack-tax-returns-compromised/d/d-id/1333954

Officials report an unauthorized party obtained tax return data by
using credentials obtained from an outside source.

Intuit, a financial software company and creator of services Mint,
QuickBooks, and TurboTax, reports the latter has been hit with a
credential stuffing attack targeting users' tax return information.

The incident was discovered during a system security review, Intuit
reported in a breach disclosure letter filed with the Office of the
Vermont Attorney General and shared with affected users. Officials
explain how an unauthorized party targeted TurboTax users by taking
usernames and passwords "from a non-Intuit source," which they used in
a credential stuffing attack.

If their login was successful, attackers may have accessed data
contained in a prior year's tax return or current tax returns in
progress. This includes name, Social Security number, address(es),
birthdates, driver's license number, and financial data (salary,
deductions), as well as information belonging to other individuals
included in the victim's tax return, they report.

Upon discovering the problem, Intuit made affected accounts
temporarily unavailable to protect data from further unauthorized
access. It's offering victims one year of free identity protection,
credit monitoring, and identity restoration services via Experian
IdentityWorks.


More information about the BreachExchange mailing list