Anthem, TurboTax and How Things "Fit Together" Sometimes
Everybody probably heard of the Anthem data breach. If you are affected, you probably got an e-mail from your HR person with some details by now, or you got a phishing e-mail making sure you can enjoy the "Breached" feeling even without having a health plan with Anthem.
Whenever there is a big event, be aware that others may jump on the coat tails of the news coverage to take advantage of the general confusion. Hardly any "Anthem" customers actually hear of the name before, as they typically use a local healthplan that is part of the larger Anthem network.
If you receive any phishing emails (only got one so far, but I bet there are more out there) , then please forward it.
On the same note: What is someone going to do with your social security number? The standard answer is "identity theft" and "taking out a loan in your name". Either method is actually quite laborious, and people comiting fraud don't do it because they like to work hard for their money. Turns out there is an easier way, and that gets us to the second story today:
TurboTax (Intuit) today announced that they will not process state returns due to excessive fraud. Tax season of course is just heating up in the US, and TurboTax decided to stop processing state returns after at least one state refused to accept them due to a high rate of fraud for returns filed with TurboTax.
Apparently, for your convenience, TurboTax saved the information you submitted in prior years. If you have ever filled out a tax return, this information can be difficult to dig up. To retrieve this information, you need your global universal password: Your social security number. The result is that by using Turbo Tax, and knowing a tax filers Social Security Number, fraudsters can very easily assemble a plausible tax return and pocket the refund. This fraud is often undetected until the actual tax payer submits a return. In this case, the later return is rejected and now the legitimate tax payer has to proof that their return is more legitimate then the earlier one. This can lead to extensive delays in receiving a refund.
Application Security: Securing Web Apps, APIs, and Microservices | Washington | Dec 13th - Dec 18th 2024 |
Comments
That said, glad somebody's finally taking notice of this issue and forcing a sanity check.
Anonymous
Feb 6th 2015
9 years ago
Anonymous
Feb 7th 2015
9 years ago
Anonymous
Feb 8th 2015
9 years ago
And this is one of two reasons I always try to adjust my withholding so I owe the IRS money (but not so much I pay a penalty), not the other way around. Any rational person looking at two returns, one legit, one fraudulent, where one says they get a refund, and the other says they owe the IRS and include some money, can pick out the real one.
Anonymous
Feb 9th 2015
9 years ago