Intuit [INTU], IRS face hack attack as Mr. Market meanders
WASHINGTON, February 9, 2015 – Monday’s markets meandered in mostly negative territory in lackluster trading, closing modestly but clearly down, with all major averages in the red.
The usual suspects—oil, Greece, Ukraine vs. U.S.S.R. and the permanently messy Middle East—all were probably to blame to some extent for the lackluster performance, plus the fact that markets currently just love to go down on Mondays, likely due to HFTs spoofing prices and laying in their negative or short bets for the week.
Adding to the underlying tension were reports this weekend that a large number of e-filed state tax returns calculated and transmitted via Intuit’s (INTU) popular TurboTax software, appear to have been phony, generated on a massive scale by hard-working international hackers as yet unidentified.
Having obtained the personal information of individual filers elsewhere—Target (TGT), Home Depot (HD), and other wide-ranging corporate hacker victims come to mind—the hackers filed fake individual returns, clearly hoping to collect the refunds and disappear without a trace. As a partial result, Intuit temporarily halted electronic filing of state returns.
Monday, we learned that similar (or perhaps the same) hackers have been playing the same game with Federal tax returns as well, hugely compounding the initial state filing problem. At this point, it appears that neither TurboTax software nor IRS systems were compromised, as the crucial filing information was obtained elsewhere. But that’s cold comfort for anyone who’s been ensnared by the hackers
The current tax software and filing situation hardly inspires confidence, as the game is being played through electronic filing gateways that apparently didn’t detect the situation immediately. Nor does there appear to be a ready fix for such fraudulent filings, clear evidence that neither Intuit nor the IRS have software and systems robust enough to stop such attacks in their tracks let alone trace the hackers’ trail.
Worse, we’ve learned, is the potential problem for individual e-filers who discover that their returns have already been illegally filed for them by hackers who’ve already run off with their refunds. I.e., if the victimized but legitimate taxpayers have a refund due, too bad. They’ll have to prove that they are really the real-life legal filers in order to get the refund due to them, a dreary task that could consume six months or more, according to sources.
And that’s assuming they can actually convince IRS bureaucrats of the truth—a serious issue, given that most of the politically compromised IRS is likely still dedicated to slow-walking Republican and Conservative nonprofit exemption applications and not examining individual returns. OK, we’re kidding, but only a little. In any event, the general situation certainly adds insult to injury. The taxpayer victims of hacker-refund thieves all have to prove they themselves aren’t guilty of tax fraud rather than the other way around.
As for Intuit, it’s been double and triple trouble for them in 2015. The company torqued off mass numbers of its smaller, lower-income users in January by effectively forcing them to upgrade to higher cost TurboTax products they didn’t really need.
H&R Block and smaller software competitors eagerly stepped into the fray, offering free versions of their product to any disgruntled TurboTax users. A substantial number of filers appear to have taken them up on the offer, forcing Intuit to counter with a blanket apology missive and the company’s own free or reduced price software penance.
So not only has Intuit been negatively awarded for its bold-faced foray into the Kingdom of Corporate Greed. It’s now been caught unprepared for what we’ve always regarded as the most predictable of mass hack attacks.
As Deep Throat once said in an entirely different context, “Follow the Money.” And what better pot of gold could be sitting at the end of the criminal rainbow but the huge pile of Benjamins awaiting their annual repatriation to individual taxpayers each and every fiscal year? You can just about hear the “Bonanza” theme song in the background.
We may be layering on too many metaphors here, but the overriding lesson here is simple: U.S. financial systems are essentially unprotected, totally exposed to epic hack-attacks likely generated by international criminal gangs either funded by or directly employed by hostile foreign governments, most likely
the U.S.S.R., Russia, China and North Korea, perhaps with those peace-loving Iranians thrown in.
Neither the U.S. government under the feckless Obama Administration, nor corporate America itself has taken this issue with anything remotely approaching genuine seriousness. So we figure the worst is yet to come. We’ll have more of this in future columns.
After some initial damage, Intuit’s stock closed limply up today. But given the earlier PR fiasco coupled with the current mess, this is a company that has some real thinking to do with regard not only to its sleazy business plan. Intuit is going to have to put some serious money into beefing up its information systems, likely in cooperation with the IRS.
Unfortunately, the latter is a government entity that has already been exposed as thoroughly politicized and corrupt, with a leftist-Democrat hierarchy clearly more dedicated to political retribution and punishment of its enemies than it is to honesty and protection of American taxpayers.
Disgusting. But we’ve been on record on this issue for some time, and the IRS continues to evade the truth under a wimpy, half-hearted Republican House counter-assault.
Simple advice for the average taxpayer
Although he’s no longer a registered representative, the Maven offers readers advice that he, himself, has already undertaken in past tax-filing years: to play it safe, and to avoid any further electronic data grabs or snooping during tax-filing season, just go back to printing out those returns and filing them by snail mail.
A wire report today from MarketWatch pretty much says the same thing:
In light of recent security issues with Intuit (INTU) , maker of the popular TurboTax software, at least one tax adviser is suggesting that the old-fashioned filing method may be the way to go. In a column for the San Francisco Business Times, Paul Bleeg, a tax partner with the accounting firm of EisnerAmper, says e-filing may offer convenience, but it comes with a host of security and other risks.
Bleeg cites how tax information has gotten into the hands of hackers in the past — most notably, in South Carolina, where 3.9 million returns were affected by a cyber attack. Bleed also says that taxpayers who file electronically may face a higher chance of being audited–a point raised in 2009 by Congress’ Joint Tax Committee, which noted that the IRS is “better able to make use of its computer infrastructure to target” electronic returns.
Italics above by the Maven. This is another example of the IRS adding insult to injury, as if the current hack attacks aren’t problem enough. Maybe it’s time to make the IRS actually do something useful by avalanching them with paper returns. We’re really not kidding. Maybe this kind of nonsense is what motivated hapless Greek taxpayers to evade their government’s tax collectors en masse. We know how that story ended up. It’s something to think about.
On the whole, the messy international situation, coupled with an epic hacker assault on the entire U.S. tax collection system that’s being seriously underreported by so-called news services and media outlets is making it really hard to put down bets in this stock market—bets that will allow investors to sleep easily every night. So far in 2015, those happy days are fast becoming a distant memory.