Security news aggregator

Latest coverage for Tax

Tax rules shape how organizations protect financial records, manage sensitive identity data, and meet legal duties for cybersecurity and reporting.

1 headlines in this view

Refine the feed

Search across headline titles and summaries.

Tag briefing

Background for this topic.

Tax is a compulsory payment to a government, calculated under rules that may apply to individuals, businesses, property, transactions, or income. Tax administration depends on records such as identity details, bank-account information, income data, payroll records, and business financial information. Tax agencies, employers, financial institutions, and tax professionals may exchange or store this data through filing portals, application interfaces, email, and document-management systems.

Its security relevance is concentrated in confidentiality, integrity, and identity assurance. Stolen credentials or altered taxpayer records can support fraudulent filings, redirected refunds, or unauthorized access to sensitive financial information; phishing and compromise of a preparer or employer can expose many records at once. Appropriate controls include strong authentication, least-privilege access, encryption, secure data exchange, tamper-evident audit logs, and retention limits consistent with privacy and legal obligations. Security teams should also monitor filing and account changes, verify unusual requests through trusted channels, and maintain procedures for investigating suspected fraud or unauthorized disclosure.

Showing 1 most recent headlines Filtered view
Krebs on Security 2 years, 3 months ago

Who Stole 3.6M Tax Records from South Carolina?

For nearly a dozen years, residents of South Carolina have been kept in the dark by state and federal investigators over who was responsible for hacking into the state's revenue department in 2012 and stealing tax and bank account information for 3.6 million people. The answer may no longer be a mystery: KrebsOnSecurity found compelling clues suggesting the intrusion was carried out by the same Russian hacking crew that stole of millions of payment card records from big box retailers like Home Depot and Target in the years that followed.