Intuit discovered that an undisclosed number of its TurboTax accounts were breached. The attackers used the credentials obtained from a third-party source to gain access to the accounts.
Account takeover attacks are very common, to pull them off attackers steal credentials that victims used to access other online services.
The financial software company told its TurboTax customers that some of their personal and financial information had leaked.
“By accessing your account, the unauthorized party may have obtained information contained in a prior year’s tax return or your current tax return in progress, such as your name, Social Security number, address(es), date of birth, driver’s license number and financial information (e.g., salary and deductions), and information of other individuals contained in the tax return,” Intuit explained.
Intuit apologized and has taken various measures to protect the information of its customers. Firstly, the company immediately disabled the accounts of its customers after learning about the attacks.
“We deeply regret that this incident may affect you. Intuit has taken various measures to help ensure that the accounts of affected customers are protected. We are notifying you so you can take steps to help protect your information,” the company added.
Intuit employees will then walk the victims through an account reactivation process after they’ve verified their identities.
There were previous warnings about attackers taking over TurboTax accounts. TurboTax customers were targeted at least three times in 2014 and 2019.
Following the latest data breach, as previously, Intuit has offered affected customers a year of free identity protection, along with credit monitoring and identity restoration services.