Intuit Reports Stuffing Attempts Against TurboTax Customers

  • Intuit notifies owners of TurboTax accounts of a successful breach against them.
  • The compromised accounts were temporarily disabled, and victims are urged to follow the designated resetting process.
  • No further details regarding when the stuffing attack took place, or how many people were affected were given out.

Intuit, the developer of the TurboTax software suite, has disclosed a stuffing attack incident that unfortunately resulted in a data breach. The attackers have accessed the tax return information of TurboTax accounts of existing customers by using login credentials that they got from elsewhere. This means that the people who had their accounts compromised are those who use the same or similar passwords on multiple platforms and websites. As required by law, Intuit has issued a breach notification filled with the Vermont Attorney General, and so the owners of jeopardized accounts are currently in the process of getting alerted about the incident.

intuit_notification_letter
source: ago.vermont.gov

All of these accounts have been temporarily disabled to ensure that the attackers won’t be able to perform any fundamental changes that will result in their irreversible take-over, and those who can no longer login have to contact the company’s Customer Service at 1-800-944-8596 and say “security” when prompted. This will put them through the process of reactivating their accounts after resetting the compromised login credentials. Alternatively, they may send an email at “[email protected]” and follow the detailed guidelines to restore their accounts. Along with the resetting, Intuit will offer free of charge enrollment in a one-year credit monitoring program that will protect the victims of the stuffing attack from unauthorized purchases and fraudulent activities.

Intuit has not clarified the number of the breached accounts, but based on their notice, they reside in Maryland, Massachusetts, and North Carolina. TurboTax is a very popular and praised tax preparation software package that has been around for two decades already, so its user base is naturally quite large. According to their official blog, TurboTax is used by about 36 million taxpayers each year, so the extent of this incident may be quite large. The actual date of the data breach remains also undisclosed for security reasons. Those who have received the notices, however, have gotten this information as well.

Are you using TurboTax or any other tax filling software suite? Share your thoughts and comments beneath, and don’t hesitate to do the same on our socials, on Facebook and Twitter.

REVIEW OVERVIEW

Recent Articles

Multiple Flaws in Apache Guacamole Leave Sour Taste for Corporate Networks

Check Point warns about an exploit chain leading “full network control” attack against corporate networks. The discovered flaws concern the FreeRDP 2.0.0...

Massive “V Shred” Data Breach Exposes More Than 99,000 Customers

“V Shred” has left an unprotected database online, exposing the sensitive details of 99,000 clients. The data that has leaked includes names,...

TrickBot Malware Has Updated Itself With Anti-Analysis Features

TrickBot is now checking what resolution it’s running on and stops if it’s an unusually low setting. The notorious trojan is checking for...

Top Selfie Beautification Apps Available in India Right Now

The ax of the Indian government has cut even the popular selfie beautification image apps “YouCan Makeup,” “Selfie City,” and “Meitu,” in the context...

Top 5 Alternatives for the “DU Battery Saver” That Was Banned in India

Due to the recent ban of 59 Chinese apps imposed by the Indian government, the “DU Battery Saver” has been blocked in the country....