Late last week, TurboTax, the online tax return filing software, turned off its state filing feature for all states after the discovery that fraudulent returns had been filed, according to USA Today. Stolen personal data had been used to file fake state returns allowing criminals to claim tax refunds.
TurboTax’s state filing feature has resumed after an investigation found that the fake returns were not a result of TurboTax’s systems, but a result of data stolen elsewhere.
“We are taking this issue very seriously and from the moment it emerged it has been all-hands-on-deck,” says Brad Smith, CEO of TurboTax parent company Intuit. “I am more than pleased we were able to resume transmission for our customers within about 24 hours.”
According to USA Today, two customers from Minnesota logged onto TurboTax to find their state returns already filed, prompting the state of Minnesota to no longer accept electronically submitted filings using TurboTax. In addition, the state of Utah discovered 28 fraud attempts.
The fear of personal data breaches is heightened after last week’s Anthem Health Insurance hack, where the names, addresses, email addresses, social security numbers, and income levels of 80 million people were stolen. According to MarketWatch, this kind of data makes it easy for a criminal to file a fake tax return. Much of this data is sold on the black market in bulk. Criminals will set up in a hotel room and file return after return.
Fraudulent tax returns are all too common. In 2013, the IRS paid $5.2 billion in refunds to fraudulent identities.