Cyber Attacks

Hackers use stolen password to access TurboTax tax return information


The tax return information stored with TurboTax has been accessed by hackers by using a stolen password from a third party.

The attack did not breach the internal systems at Intuit, that owns TurboTax. The attackers used the passwords stolen from other services and tried them against TurboTax accounts to login. The personal details of the users such as Social Security numbers, names and addresses etc are stored in tax returns.

Only one account of a customer in Vermont was accessed according to a spokesperson in TurboTax.

The method of attack called as “credential stuffing,” works mainly as the users reuse the same password across multiple accounts. It is a great risk to use the same password for your TurboTax account and some other service if it gets hacked.

The users must use a unique password and also set up two-factor authentication method as an additional -security, where another device is also necessary to provide a one-time code while signing in.

Priyanka R
Cyber Security Enthusiast, Security Blogger, Technical Editor, Author at Cyber Safe News

    Google eliminates passwords with FIDO2 support on Android

    Previous article

    SHAREit Android App Flaw Lets Hackers Steal Files

    Next article

    You may also like


    Leave a reply

    Your email address will not be published. Required fields are marked *