Another day, another sensitive breach — but at times, we do come across certain breaches which are sensitive enough to discuss with the community.
On this instance, we are talking about Tax2efile — a credible actor recently listed an interesting database for selling at one of the hacking forums, which intrigued us!
According to their website, Tax2efile is an IRS approved, Tax Filing Service Provider with the most advanced, safe and secure filing solutions that will make filing your tax forms quick and easy. Our Mission is to provide the Highest Quality Service to our Customers. We are committed to maintaining the highest standards of professionalism in building a trustworthy relationship with our valued customers. We want to understand each customer’s specific tax needs and aim to provide the best quality service specific to those needs; providing you with the highest quality information, services and products to help you reach your tax filing goals.
In terms of the information, the breach has exposed the following information:
- 39,601 SSNs
- 21,975 EIN
- 58,083 Email/Pass
- 20,390 US Bank Accounts
The information was put on sale via an auction, and was closed within 5 days i.e. data has been sold to an unknown entity via a credible escrow!
Cyble researchers have analysed the claimed breach and confirm legitimacy through the data shared with us.
As always, customers who are concerned about their information exposure can register at AmIbreached.com to ascertain their exposure.
Cyble has indexed a part of this breach as well and will try their best to acquire and index the remaining ones as well. Will keep our readers posted!
Given the seriousness of this situation, we are going ahead with the full disclosure as we genuinely value people’s privacy, and cognizant about the potential threats this sensitive information might pose to the individuals and enterprises.
About Cyble:
Cyble Inc.’s mission is to provide organizations with a real-time view of their supply chain cyber threats and risks. Their SaaS-based solution powered by machine learning and human analysis provides organizations’ insights to cyber threats introduced by suppliers and enables them to respond to them faster and more efficiently.
Cyble strives to be a reliable partner/facilitator to its clients allowing them with unprecedented security scoring of suppliers through cyber intelligence sourced from open and closed channels such as OSINT, the dark web and deep web monitoring and passive scanning of internet presence. Furthermore, the intelligence clubbed with machine learning capabilities fused with human analysis also allows clients to gain real-time cyber threat intel and help build better and stronger resilience to cyber breaches and hacks. Due to the nature of the collected data, the company also offer threat intelligence capabilities out-of-box to their subscribers.
