US tax preparation firm TaxSlayer has warned that thousands of user records may have recently been compromised in a cyber attack.
According to the International Business Times, thousands of user records may have been compromised in an incident last year. An ongoing security review has begun in order to work out what led to the breach.
The company has claimed that usernames and passwords may have been accessed by the attackers, while social security numbers and old tax returns could also have been in danger of being obtained.
In a filing to the Californian Department of Justice, Lisa Daniel, director of customer support at TaxSlayer explained that the incident took place between October 10th and December 21st.
“The unauthorised third party may have obtained access to any information you included in a tax return or draft tax return saved on TaxSlayer, including your name and address, your social security number, the social security numbers of your dependents, and other data contained on your 2014 tax return,” the letter read.
The company has now urged customers to change their username and password for TaxSlayer and any other accounts with the same credentials. It has also called for consumers to use an Identity Protection PIN, which will be uniquely assigned to each customer to improve security.
After the attack, TaxSlayer disabled access to any affected accounts and urged users to utilise two-factor authentication to ensure that personal accounts are as secure as possible.
With cyber security becoming one of the top priorities for managers at the moment, it will be interesting to see if companies decide to devote more time and resources to it in the future, especially with attackers coming up with increasingly sophisticated ways to attack accounts.