Intuit has informed TurboTax clients that some of their private and financial information was accessed by threat actors following what seems to be a sequence of account takeover attacks.
Intuit Inc. is an American organization that specializes in financial software whose products include the tax preparation application TurboTax, personal finance app Mint and the small business accounting program QuickBooks.
Earlier this month, the financial software company sent a breach notice to the impacted clients saying that what happened was not a “systemic data breach of Intuit.”
Reused Names and Passwords Employed to Breach TurboTax Accounts
An account takeover attack involves cybercriminals obtaining access and control over user accounts to carry out fraud. The hackers will steal login credentials and then take over user accounts.
This kind of attack flourishes because the majority of people utilize the same password for a variety of services. This way, threat actors can use your one password to get into most of your accounts and engage in malicious activity.
The financial software organization noticed during a security review that an unspecified number of TurboTax accounts were hacked and client personal data was left unprotected. Its investigation showed that the attackers used usernames and passwords acquired from a source other than Intuit to gain access to the accounts.
The company stated:
“By accessing your account, the unauthorized party may have obtained information contained in a prior year’s tax return or your current tax return in progress, such as your name, Social Security number, address(es), date of birth, driver’s license number and financial information (e.g., salary and deductions), and information of other individuals contained in the tax return.”
Intuit apologized and assured its customers that it had taken various measures to help make sure the hacked accounts are now secured.
Following the attacks, the company disabled the affected TurboTax accounts for a limited period.
Clients with inactive accounts are required to contact Intuit’s Customer Care department at 1-800-944-8596 and say “Security” when prompted. An Intuit employee will assist and help them reactivate their accounts.
TurboTax Users’ Accounts Hacked Before
Threat actors have managed to break into TurboTax accounts before and steal financial and sensitive data.
According to BleepingComputer, TurboTax customers were previously targeted in at least three other series of account takeover attacks in 2014/2015 and again in 2019.
Following the attacks, the financial software organization offers one year of complimentary identity protection, credit monitoring, and Experian IdentityWorks identity restoration services to affected clients.