TaxSlayer, publisher of the popular online tax preparation software, revealed this week that hackers may have accessed 8,800 customers’ tax return information.
The company believes the digital intruders got in by stealing usernames and passwords from a third-party vendor, using that information to crack into people’s accounts. Social Security numbers, names, addresses and other 2014 tax return information were all potentially exposed, according to an official filing with the State of California Department of Justice.
In total, the company said “less than one third of one percent” of TaxSlayer’s database was likely involved in the breach.
The company does not believe its digital security systems were compromised during the intrusion.
Electronic tax fraud has exploded in recent years, driven by a rash of major data breaches across the U.S.
During last year’s tax filing season, at least 19 states noticed spikes in electronic filing fraud, causing some to even briefly stop accepting some electronic returns.
Intuit, maker of the popular tax filing software TurboTax, also suspended services temporarily after noticing a dramatic rise in stolen personal information being used to claim tax refunds.
After tax season, the Internal Revenue Service revealed that hackers had swiped sensitive information on more than 300,000 taxpayers. The cyber thieves broke in through the IRS system that allows taxpayers to request transcripts of their returns and other sensitive information.
Officials said they believed the digital intruders were hoping to gather information to help file fraudulent tax returns in 2016.