Data Breach May Compromise Tax Returns for 8,800 TaxSlayer Customers
Last week, TaxSlayer notified 8,800 of its customers that an unauthorized third party may have accessed their tax returns.
According to a letter sent to their customers and filed with the State of California Department of Justice, the company discovered the breach on January 13, 2016. They believe an “unauthorized third party” obtained usernames and passwords from another online service and was able to access certain TaxSlayer accounts between 10/10/2015 and 12/21/2015.
The company said there is no proof the technical security of their systems was compromised.
Anyone accessing a customer’s account would have access to that person’s 2014 tax returns (draft and filed returns), which would include the customer’s name and address, Social Security number, the Social Security numbers of any dependents and all other information contained on the forms.
TaxSlayer has temporarily disabled access to the breached accounts. Customers will need to reset their password and authenticate their identity using the “multi-factor authentication” on the website. The company recommends that these customers change their usernames and passwords for all of the websites that they use–not just TaxSlayer.
To protect customers, TaxSlayer is offering a year of free credit monitoring services through ID Experts. The services will also include a $1,000,000 insurance reimbursement policy, education materials and access to fraud resolution specialists.
Only a few weeks ago, TaxAct announced the tax return information for 450 customers may have been stolen.