Jeff Hill, Channel Marketing Manager, STEALTHbits Technologies adds: "TaxAct’s positioning of this breach is well-crafted, but may eventually be deemed disingenuous. They admit the attackers operated for 25 days without detection, but claim credit for identifying the issue “early.” In addition, they cryptically describe their customers’ credentials as being obtained “from an outside source,” confidently deflecting responsibility without any detail. One can appreciate the clever use of language to minimize concern and sidestep culpability, but it wouldn’t be surprising to find there’s much to this story than meets the eye."
Cyber security experts react to TaxAct breach
- Talking Point
- Posted On
Andrew Komarov, InfoArmor Chief Intelligence Officer says: "Sometimes malicious activity may be indirectly linked with targeted activities against such accounts, as modern cyber criminals use special tool kits to brute-force and cross-check stolen compromised data from different sources, with access to different services, and one of these could well be TaxAct. Tax and credit information continues to be valuable information from both commercial breaches and state sponsored attacks as well. It reveals a lot of sensitive information about the victim, such as for example, who is employed by specific organizations, which can be useful for cyber espionage targeting."