It appears that the American online tax platform eFile.com has once again fallen victim to a ransomware attack.
Earlier this week, ransomware operators LockBit added the company to their extortion site, threatening to leak the files stolen during the raid, The register reports. However, the company has neither confirmed nor denied the attack.
So we don’t know if the attack even happened, and even if it did, what data the hackers stole, who was affected, and how many people are at risk.
Tax season
eFile.com is not a government organization and is in no way affiliated with the Internal Revenue Service (IRS). It is a private, commercial, online tax preparation platform that allows users to prepare and file their federal and state tax returns electronically. It offers both free and paid options and comes with an easy-to-use interface and step-by-step guidance to simplify the tax filing process. However, it is authorized by the IRS to operate its business.
Cybercriminals are no strangers to attacking the IRS or other businesses that deal with tax obligations. However, the attacks usually take place during tax season (between early January and mid-April of a year), as hackers have a high chance of going undetected during that time. Typically, the crooks will pose as the IRS and send phishing emails to their victims, tricking them into installing malware or sharing sensitive information.
In some cases, the criminals obtained so much PII that they stole a person’s identity and filed their tax returns, effectively stealing money from them.
The attack, which occurred outside of tax season, raises a lot of questions. For example, The Register suspects the bad guys are reusing data from a 2022 breach. They could also be outright lying, trying to claw back some fame after being disrupted by law enforcement.
Via The register