Do you work for a corporation, especially in the U.S.? You may be at risk for tax return fraud.
ADP is a payroll provider. Hackers were able to acquire tax information of employees of U.S. Bank from ADP. Now, this doesn’t mean that ADP was directly hacked into. Instead, what happened, it seems, their authentication system was flawed and ADP failed to implement a protection strategy for the personal data to keep it safe from prying eyes.
The crooks registered ADP accounts by using the stolen data of the bank employees. These accounts allowed the crooks to get additional W-2 information—enough to commit tax return fraud. In other words, looks like a W-2 gateway was created to file fraudulent tax returns.
If it happened to U.S. Bank and ADP, it can happen many places else.
ADP says that the breach did not originate from their computer network, but where exactly it did come from is not clear at this point, as there are multiple possibilities including the hacking into of a third party service.
The hackers also used a unique company issued URL. This URL is needed to register an ADP account. It is not known at this point in time if the U.S. Bank URL required credentials to gain access to or not, but since this data breach, U.S. Bank has withdrawn plans to further post the URL online. U.S. Bank has also removed their publicly accessible W-2 form from cyberspace.
Despite the data breach, there were only minimal effects to employees and customers of ADP and U.S. Bank. But the minimal adverse outcome is no reason to let your guard down. Next time, the institutions may not be so lucky.
Solution: Fill out the IRS Identity Theft Affidavit ASAP. Here: https://www.irs.gov/pub/irs-pdf/f14039.pdf
ROBERT SICILIANO, CEO of IDTheftSecurity.com is fiercely committed to informing, educating, and empowering Americans so they can be protected from violence and crime in the physical and virtual worlds. His "tell it like it is" style is sought after by major media outlets, executives in the C-Suite of leading corporations, meeting planners, and community leaders to get the straight talk they need to stay safe in a world in which physical and virtual crime is commonplace. Siciliano is accessible, real, professional, and ready to weigh in and comment at a moment's notice on breaking news.
- Why You should file your Tax Return Yesterday
Someone else might file your taxes if you don’t get to it. And they won’t be doing it as a favor; they’ll be doing it to steal your identity. Here’s how it works: Cyber thieves send fraudulent e-mails to a business’s employees. The e-mails are designed to look like they came from the big wigs at the company. As
- Chip and PIN, will It save Us?
Many Americans, says a recent survey by Gallup, worry about a data breach connected to the use of their credit cards. Interestingly, many people use a credit card for everything under the sun: even just a soda and bag of chips from the convenience mart. The more you use a credit card, the more likely
- 2009 Data Breaches: Identity Theft Continues
Robert Siciliano Identity Theft Expert The Identity Theft Resource Center® Breach Report recorded 498 breaches, less than the 657 in 2008, more than the 446 in 2007. Are data breaches increasing or decreasing? That is the question no one can answer. This fact will not change until there is a single data breach list
- Retirees Prime Targets for Identity Theft
Is it easier for crooks to prey on senior citizens, or is it that most targets are the seniors? Well, one thing’s for sure: A disproportionate percentage of identity theft complaints come from people 50-plus (though I’m sure some readers would hardly consider 50-somethings to be seniors—but you get the point). Some scammers go after seniors because
- Self-revelation Can Help Assemble a Social Security Number
I am not done nor will I ever be done sounding that alarm, ringing that bell and informing you about how ridiculous social media is. I was asked in a radio interview today what it will take to get people to recognize they are sharing too much data. In a word, tragedy. When a home