Heimdal

Intuit has informed TurboTax clients that some of their private and financial information was accessed by threat actors following what seems to be a sequence of account takeover attacks.

Intuit Inc. is an American organization that specializes in financial software whose products include the tax preparation application TurboTax, personal finance app Mint and the small business accounting program QuickBooks.

Earlier this month, the financial software company sent a breach notice to the impacted clients saying that what happened was not a “systemic data breach of Intuit.”

Reused Names and Passwords Employed to Breach TurboTax Accounts

An account takeover attack involves cybercriminals obtaining access to and control over user accounts in order to carry out fraud. The attackers steal login credentials and then take over the accounts those credentials belong to.

This kind of attack flourishes because the majority of people use the same password for a variety of services. As a result, threat actors can use that one password to get into most of a victim's accounts and engage in malicious activity.

The financial software organization noticed during a security review that an unspecified number of TurboTax accounts were hacked and client personal data was left unprotected. Its investigation showed that the attackers used usernames and passwords acquired from a source other than Intuit to get access to the accounts.

The company stated:

By accessing your account, the unauthorized party may have obtained information contained in a prior year’s tax return or your current tax return in progress, such as your name, Social Security number, address(es), date of birth, driver’s license number and financial information (e.g., salary and deductions), and information of other individuals contained in the tax return.


Intuit apologized and assured its customers that it had taken various measures to help make sure the hacked accounts are now secured.

Following the attacks, the company disabled the affected TurboTax accounts for a limited period.

Clients with inactive accounts are required to contact Intuit’s Customer Care department at 1-800-944-8596 and say “Security” when prompted. An Intuit employee will assist and help them reactivate their accounts.

TurboTax Users’ Accounts Hacked Before

Threat actors have breached TurboTax accounts before and stolen financial and sensitive data.

According to BleepingComputer, TurboTax customers were previously targeted in at least three other series of account takeover attacks in 2014/2015 and again in 2019.

Following the attacks, the financial software organization is offering affected clients one year of complimentary identity protection, credit monitoring, and Experian IdentityWorks identity restoration services.

Author Profile

Antonia Din

PR & Video Content Manager
