Add TaxAct to the companies notifying customers of a possible data breach. The tax preparation provider says outsiders gained "inappropriate access" to an unspecified number of customers' records.
"We have no evidence that any TaxAct system has been compromised and believe the third party used username and password combinations obtained from sources outside of our system," the company said in a letter to its customers.
The full text of the letter is available on the California Attorney General's website.
"In addition to your username and password, we have reviewed our website logs for account activity after this attempted access, and found that the tax return(s) stored in your account may have been opened or printed," the company added. "These documents may contain your name and Social Security number, and may also contain your address, driver's license number, and bank account information."
TaxAct said the incidents occurred between November 10 and December 4, and said it has suspended "a small number of accounts after finding evidence of suspicious activity.
"As a result of our existing processes, we identified the issue early and prevented any further data from being compromised," the letter said.
All those affected are being offered a 12 month subscription to ID Experts' MyIDCare service.