Personal Finance

Turbo Tax Cyber Attack

  • Last Updated:
  • Feb 25th, 2019 8:48 pm
[OP]
Moderator
User avatar
Jun 15, 2011
39158 posts
5746 upvotes
King City

Turbo Tax Cyber Attack

FYI to any existing or new Turbotax users.

Not sure if it belongs in here.

https://www.darkreading.com/threat-inte ... id/1333954
The One and Only and Proud to be an Indian.
If I helped in any way, click that cool little "Thanks" button.
____________________________________
RFD Twitter Chat wins: Keurig Mini Brewer, $25 Cara GC, RFD travel and ceramic mug
8 replies
[OP]
Moderator
User avatar
Jun 15, 2011
39158 posts
5746 upvotes
King City
sandeep8g wrote:
Feb 25th, 2019 2:40 pm
Did the attack cause this?

trying-netfile-get-great-message-2265695/#p30598607
Perhaps. I didn't dig too much into it, but perhaps I should. Will be a good use case for my field. :)
The One and Only and Proud to be an Indian.
If I helped in any way, click that cool little "Thanks" button.
____________________________________
RFD Twitter Chat wins: Keurig Mini Brewer, $25 Cara GC, RFD travel and ceramic mug
[OP]
Moderator
User avatar
Jun 15, 2011
39158 posts
5746 upvotes
King City
Isostar wrote:
Feb 25th, 2019 3:40 pm
The article you are referring is for US breach. Do they have common database for both US and CA?
Didn't specify, and I am hoping they're not common. That would be a big mistake on Turbo Tax's part.
The One and Only and Proud to be an Indian.
If I helped in any way, click that cool little "Thanks" button.
____________________________________
RFD Twitter Chat wins: Keurig Mini Brewer, $25 Cara GC, RFD travel and ceramic mug
Deal Expert
Aug 22, 2011
27180 posts
13155 upvotes
Ottawa
Looks like it only impacts those that uses their online software for filing?
Deal Addict
Oct 22, 2015
1131 posts
305 upvotes
vkizzle wrote:
Feb 25th, 2019 4:02 pm
Looks like it only impacts those that uses their online software for filing?
Yes sounds online only. That's why I don't trust simpletax and such...I rather install on PC.
Member
Aug 19, 2013
252 posts
193 upvotes
Etobicoke
That's why I always prefer StudioTax.
Tangerine | Public Mobile |STACK MC
Deal Addict
Aug 18, 2018
1317 posts
915 upvotes
SFO <==> YYZ
Financial software company Intuit discovered that tax return info was accessed by an unauthorized party after an undisclosed number of TurboTax tax preparation software accounts were breached in a credential stuffing attack.

A credential stuffing attack is when attackers compile username and passwords that were leaked from previous security breaches and use those credentials to try and gain access to accounts at other sites. This type of attack works particularly well against users who use the same password at every site.
Not sure I'd really call this an "attack", more like a bunch of amateurs trying to get lucky.

And this also highlights the importance of not recycling your login credentials for critical websites. I'll be the first to admit I recycle my logins for non-essential fluff, but definitely NOT for important sites like TurboTax or any government websites.

In any case, changed my PW, then turned on 2FA for additional protection. Thanks for the headsup.

Top