Intuit, the maker of popular tax filing software TurboTax, has been contacted by the FTC as well as the DOJ, due to the recent increase in fraudulent income tax filings by identity thieves using their software. The identity thieve uses a legitimate tax payer’s Social Security number in order to get their tax refund.
Intuit, which has anticipated the inquiries due to the increase in cyberfraud that occurs during tax season, has stated that it’s cooperating fully. The company said, in relation to the inquiries from regulatory authorities, “we welcome the opportunity to share information and cooperate with their inquiries.”
The government’s involvement follows revelations from February when tax authorities from several states detected a large number of suspicious filings from TurboTax users. This prompted TurboTax to halt transmissions of electronically filled tax returns for approximately 24 hours while it worked to enhance security measures. While there were also reports of fraudulent federal returns, TurboTax decided against halting electronically filed federal returns. although the e-filing of federal returns wasn’t halted.
Aside from inquiries from the DOJ and FTC, Intuit is dealing with probes from the FBI which is looking to determine whether any type of data breaches has led to the increase seen in the filing of false returns. Intuit has stated that their systems weren’t hacked or breached.
The IRS and lawmakers from Congress are also looking to begin their own examinations.
As regulatory authorities continue with their inquiries, Intuit will plan to demonstrate that the company has taken the proper measures in offering legitimate taxpayers a convenient and secure solution to filing taxes. However, two former employees, one of which was a former principal security engineer at Intuit, claim that the company decided against taking the proper security measures needed to better safeguard TurboTax because executives were concerned those actions would adversely impact the company’s market share.
Intuit vigorously denied the allegations in an email released from a spokesperson for the company. In the email, the company denied that it prioritized the processing of fraudulent tax refunds at the expense of customers using their software.
The company has looked to improve their security measures which includes requiring customers to file both a federal and state tax return together to enhance the ability of the company in catching fraudulent tax returns. TurboTax also now requires “multi-factor authentication,” – before customers can file a return, they need to enter a specific code that is sent to them via email or to their mobile phone.
In the same statement released by Intuit that confirmed that they were contacted by the government, the company has also stated that it won’t provide additional details to the public on the inquiries until they’re complete.