One Week, Two Hacks And A Whole Bunch Of Cyber Worries In a single week, the hack of a health insurance giant exposed as many as 80 million Social Security numbers and TurboTax halted e-filing due to fraud. NPR's Arun Rath talks with reporter Brian Krebs.

One Week, Two Hacks And A Whole Bunch Of Cyber Worries

One Week, Two Hacks And A Whole Bunch Of Cyber Worries

  • Download
  • <iframe src="https://www.npr.org/player/embed/384782585/384782587" width="100%" height="290" frameborder="0" scrolling="no" title="NPR embedded audio player">
  • Transcript

In a single week, the hack of a health insurance giant exposed as many as 80 million Social Security numbers and TurboTax halted e-filing due to fraud. NPR's Arun Rath talks with reporter Brian Krebs.

ARUN RATH, HOST:

It's been a busy week for cyber criminals. First, the medical insurance giant Anthem was hacked, exposing the names, contact information and social security numbers of as many as 80 million people. Then, on Thursday, Inuit, the company that makes popular tax-preparation software TurboTax, had to halt transmitting state tax returns after reports of fraud in 18 different states. For advice on what to do, I consulted security expert Brian Krebs. We started with Anthem.

BRIAN KREBS: The number one thing that people should be watching out for is scammers who take advantage of this, and they're already starting doing this. So they're putting up fake websites that pretend to be Anthem offering free credit-monitoring services and, you know, trying to get you to click on things or give up information that you shouldn't give up. So - and this is happening not just via traditional phishing attacks, but also, according to Anthem, they're cold-calling people and asking for this information, pretending to be the company or a company that is working with Anthem to help people secure their identities. So just be very careful about those types of scams? We've already seen them, and we're going to see them ramp up even more, I think, in the weeks ahead.

RATH: Now, about TurboTax - they suspended state e-filing this past week. They've restarted it now, but if you're a person who files this way, what should you do?

KREBS: Well, first of all, you should find out if your taxes have already been filed for you. One way you can do is just log into your account and see if there's been any recent activity. If so, it might be a good idea to reach out to the state tax folks. Report that as quickly as possible. My advice to people is a lot of the tax fraud that's happening is happening because, number one, people wait till the last minute to file their taxes. So file your taxes as early as possible. And if you've become a victim - if somebody's already filed your taxes, make sure that you reach out to your state treasury department and to the federal folks. And the IRS has some great resources on their homepage for that.

RATH: Now, Brian, you don't write about this with total detachment. You've actually been the victim of this kind of fraud.

KREBS: (Laughter) Yes, same thing happened to me. I filed for an extension. We paid what we owed to the government. And then October came around, and we actually got around to filing our taxes, and they said, nope, somebody's done it for you. What the IRS does when you have this happen to you is they give you a filing pin. It's a special pin so that the next time you file, the return won't go through unless the filer has that pin. Consumers actually can proactively request this special filing pin by filling out a special form on the IRS's site. I think they make you sign a thing that says you think you're a victim of identity theft, or you're likely to be a victim of identity theft. But frankly, with how much of our data is being hacked and stolen, anybody could make that claim, I think, honestly these days.

RATH: That's Brian Krebs. He writes extensively about cyber security and crime at his website krebsonsecurity.com. Brian, thanks very much.

KREBS: Hey, thanks for having me.

Copyright © 2015 NPR. All rights reserved. Visit our website terms of use and permissions pages at www.npr.org for further information.

NPR transcripts are created on a rush deadline by Verb8tm, Inc., an NPR contractor, and produced using a proprietary transcription process developed with NPR. This text may not be in its final form and may be updated or revised in the future. Accuracy and availability may vary. The authoritative record of NPR’s programming is the audio record.