ATO warns ID thieves targeting tax agents

By

Tax payers exposed.

The Australian Tax Office (ATO) has issued a warning after it discovered tax agent accounts were compromised, giving attackers with the right information access to the records of every taxpayer in the country.

ATO warns ID thieves targeting tax agents

Attackers had used the personal details of tax agents to access their ATO accounts and generate AusKeys, the agency's digital authenticator. 

AusKey signup
AusKey signup

From there, attackers could view details of the agents' clients, including financial and personal information for the previous three years, the Sydney Morning Herald reported.

Tax agents told the publication that attackers could also view the records of any Australian taxpayer provided they knew the target's name, date of birth and tax file number, but the ATO denied this.

The ATO warned tax agents in a letter posted to the website of the Institute of Certified Bookkeepers that the accounts of "a small number of tax agents has been stolen to create unauthorised AUSkeys".

"Those looking to commit fraud are constantly looking for ways to profit so it is critical that you remain vigilant regarding online security and information."

The SMH reported that four agents were compromised.

Attackers with the same details needed to access any tax payer record could also cash out fraudulent tax returns with the ATO.

SC previously revealed how two taxpayers had their claims fraudulently submitted through tax agents, fleecing the ATO of $6500 in both cases.

Crooks were also using stolen personal details to rob victims of superannuation funds, however this was just one attack among a string of other forms of fraud based on identity theft.

The ATO urged agents to review AusKeys issued for their businesses and report unauthorised keys by phoning 1300 146 094.

Got a news tip for our journalists? Share it with us anonymously here.

Copyright © SC Magazine, Australia

Tags:

Most Read Articles

India's alarm over Chinese spying rocks CCTV makers

India's alarm over Chinese spying rocks CCTV makers

Hackers abuse modified Salesforce app to steal data, extort companies

Hackers abuse modified Salesforce app to steal data, extort companies

Cyber companies hope to untangle weird hacker codenames

Cyber companies hope to untangle weird hacker codenames

Woolworths' CSO is Optus-bound

Woolworths' CSO is Optus-bound

Log In

  |  Forgot your password?