- Russia-Linked Lynx Gang Claims Ransomware Attack Targeting CSA Tax and Consulting Exposed Taxpayer Data
- Data breaches include Social Security numbers, tax returns, health insurance policies, company communications, and more.
- Data breaches can create risks of identity theft, IRS fraud, insurance fraud, and serious business and regulatory consequences.
CSA Tax & Advisory, an in-house tax and accounting firm based in Haverhill, Massachusetts, has been hit by a ransomware attack, reportedly from a Russian-linked ransomware group. A group calling itself Lynx recently added CSA to its list of data breach sites and said it also stole sensitive data from American taxpayers.
CSA has neither confirmed nor denied the breach, so it remains to be seen if Lynx’s claims are true.
However, the group posted sample data on its website, which CyberNews researchers say includes people’s full names, Social Security numbers (SSNs), addresses, spouses’ health insurance policies, invoices, personal income tax return data, signature authorization forms on IRS electronic files, internal company communications, and more.
How data can be misused
If confirmed, this breach would be extremely serious as all personal and financial information would have been exposed, putting victims at risk of identity theft and fraud.
At the individual level, combining a Social Security number (SSN) and address or tax return information can lead to identity theft. Criminals can open credit cards, apply for loans, file false tax returns to claim refunds, and evade background checks by banks, lenders, and government agencies. Social Security numbers don’t expire, so the damage could last for years.
Tax documents, such as IRS e-signature authorization forms, can also be abused to file false tax returns, divert refunds, or alter returns without the victim’s knowledge.
Victims can find themselves embroiled in months-long disputes with the IRS to prove they were victims of fraud. Spousal health insurance policies can lead to insurance fraud and extortion. Affected individuals would be at significant and measurable risk if a breach occurred, as attackers could use the information to file false insurance claims, impersonate insurance company policyholders, or threaten to reveal sensitive medical or family information.
Fraudsters can also use this data to attack businesses through social engineering, business email compromise (BEC), or financial fraud.
Internal emails can reveal workflows, consent chains, and trust relationships that can be widely exploited by cybercriminals. In such cases, companies will consider regulatory fines, mandatory breach notices, litigation, loss of customer trust, and potential professional liability claims. In the United States, revealing your social security number (SSN) and tax information often results in violations of state law, an IRS investigation, and possible action by the Federal Trade Commission (FTC).
When using network news
