September 18, 2024 at 04:19PM
LockBit ransomware gang claims to have breached eFile.com, an IRS-authorized tax return e-filer with no affiliation to the IRS. The Register has not confirmed the breach. If true, it poses a risk to personal and financial data. Earlier security issues were reported in March 2023. Late filers are urged to monitor banking activities.
From the meeting notes, it is evident that the notorious ransomware gang LockBit claims to have compromised eFile.com, an IRS-authorized e-file provider offering online services for electronically filing tax returns with the US Internal Revenue Service. The Register has not verified the claims, and neither the website nor the IRS immediately responded to inquiries. However, if the claims are true, it could potentially put a significant amount of personal and financial data at risk, and individuals are advised to be vigilant for any suspicious banking activity.
It is worth noting that this alleged compromise follows an earlier security incident involving eFile.com, where miscreants compromised the e-filing website and used it to deliver malware by redirecting visitors to a phony browser update page with a link to download and run a .exe file. While eFile.com has removed the malicious code from its website, this latest alleged compromise comes at a time when late tax filers granted an extension by the IRS are scrambling to submit their documents prior to the October 15 deadline.
Furthermore, despite disruptions to LockBit’s ransomware operations by global law enforcement earlier this year, the gang continues to be active, with its ransomware responsible for a significant portion of infections in recent months, ranking as the third most prevalent strain behind RansomHub and Meow.
Please let me know if there are any specific action items or follow-up tasks that need to be addressed in relation to this information.