Fraudulent Tax Filings Go Out For Harding, Shymanski, and Company Customers
Table of Contents
- By Steven
- Apr 21, 2023
Harding, Shymanski, and Company is a major accounting firm that works with customers providing them with tax help and other financial services. The company recently suffered from a data breach that exposed many of its clients and led to fraudulent tax filings for the 2022 tax year. The company employs more than 142 people and has an approximate annual revenue of $28 million. A large number of individuals were impacted by this very serious data breach.
How Did the Attack Occur?
This data attack occurred when one or more people used employee credentials to access the tax returns for 2021 customers of Harding, Shymanski, and Company. While accessing the returns, the people leveraged the information contained within to file fraudulent returns in order to claim the money that would be given back. The attack occurred earlier this year and was conducted quickly to allow the hackers to file as many fake tax returns as possible. It was a tactic to give the attackers the ability to collect money from all the stolen identities.
What Information Was Viewed or Stolen?
This data breach led to all standard tax information being taken for all the customers involved. That means the attacker got access to their Social Security numbers, bank account numbers, first and last names, driver's license numbers, investment account information, bank routing numbers, and more. All this information can be used to open fraudulent accounts and file fraudulent tax returns. The data should have been protected by the firm more effectively, and the breach is likely to cause serious problems for the individuals moving forward.
How Did Harding, Shymanski, and Company Admit to the Breach?
The accounting firm filed a statement with the Montana Attorney General and also sent out individual notifications to anyone involved in this breach. The filing occurred on April 11, 2023, and included all the information about what data was stolen and how the attacker was able to access the data.
What Will Become of the Stolen Information?
The attackers have already filed fake tax returns for a large number of people, and those returns could lead to the hackers being paid money they don't deserve. It's likely the information will be used for other purposes as well. Anyone that receives a letter about the issue should expect their data to be used to open new credit accounts and in an attempt to complete purchases as well.
What Should Affected Parties Do in the Aftermath of the Breach?
If you receive a letter about the data breach, you should immediately take steps to protect yourself. Invest in identity theft protection services and take action to keep your data safe over time by freezing your credit accounts and monitoring your financial accounts. If you react fast and watch your accounts closely, you may be able to avoid most of the common issues that will result from this breach. You will also have to work with the government to sort out fraudulent tax filing if the individuals filed your tax return for you.