Sorry, you need to enable JavaScript to visit this website.

CyberScout is the nation’s premier consultative provider of identity and data risk management, resolution and education services.

TurboTax Hit By Credential Stuffing Attack

TurboTax Hit By Credential Stuffing Attack
February 25, 2019
turbotax breach

An undisclosed number of TurboTax customer accounts have been compromised in a credential stuffing attack.

“Based on our investigation,” a notice told affected users, “…an unauthorized party may have accessed your account by using your usemame and password combination that was obtained from a non-Intuit source. The unauthorized access occurred [on/from] [date/date range]. By accessing your account, the unauthorized party may have obtained information contained in a prior year’s tax return or your current tax return in progress, such as your name, Social Security number, address(es), date of birth, driver’s license number and financial information (e.g._ salary and deductions), and information of other individuals contained in the tax return.”

Intuit is offering one year of free identity theft protection to affected customers, but vehemently denied that a breach took place.

“There has been NO data breach of Intuit’s systems.  There was NO third party that accessed Intuit systems or accessed customer information stored in those systems… a customer’s account experienced unauthorized access by a third party using legitimate log-in credentials that Intuit believes were obtained from sources outside the company.  The individual’s account login information may have been acquired from any number of sources outside of Intuit.”

Read more details here.

Offer 24/7 CyberScout Protection

CyberScout's partnership options help you safeguard the identity and privacy of your policyholders, customers, members and employees. Discover how a customized program can help build brand loyalty, customer retention, and quickly generate long-term recurring revenue.

Get Started