Between October of 2015 and December of 2015, cybercriminals were able to hack into the accounts of almost 9,000 customers of legitimate online tax preparation service TaxSlayer Online.  The hackers used the information gathered in the data breach to make TaxSlayer Online’s customers victims of income tax identity theft and obtained phony tax refunds using the names and information of their victims.
The Federal Trade Commission (FTC) brought legal action against TaxSlayer for it failure to secure the data of its customers and other security related violations.  Among the more serious charges were that TaxSlayer Online failed to notify its customers when a change was made of the bank account to which their tax refund would be sent.
TaxSlayer Online has come to a settlement with the FTC pursuant to which it will be taking extensive security steps to prevent such data breaches in the future.
TIPS
This case again emphasizes the fact that we are only as safe as the places with which we do business that have the worst security.  So what should we be doing to help keep ourselves safe?  First and foremost, everyone should use a unique password for each and every online account that you have.  It is not that difficult to do.  In addition, whenever you can, use dual factor authentication.  With dual factor authentication, you receive a one time code by way of your smartphone each time you go to your online account. Although this may seem like an inconvenience.  It is extremely useful and not terribly time consuming.