W-2 tax forms for 2016 can be bought and sold on the dark web at $20 or less

By Kevin Parrish Published January 31, 2017

Hacker — hamburg_berlin/Shutterstock

Security researcher Brian Krebs reports that hackers are now selling W-2 tax forms on the dark web, a collection of websites that requires special software or authorization to access and can’t be found using Google or Bing. It’s an online world where pirated software can be obtained and cybercriminal shops can thrive, selling goods like PayPal account credentials, stolen credit cards, and now apparently last year’s tax forms.

According to Krebs, the W-2 tax form data was up for sale on an unnamed dark web shop under the “other” category. The data stemmed from more than 3,600 residents from Florida and included their employer’s name, employer ID, and employer address. The info also included the taxpayer’s personal information such as address, social security number, 2016 wage information, and the taxes withheld.

Recommended Videos

The stolen W-2 records required Bitcoins to purchase and their cost depended on the wage made by the taxpayer, ranging between $4 and $20 each. Thus, the higher the wage, the more money thieves could possibly land if they are successful in tricking the Internal Revenue Service with a fraudulent tax form filed using the purchased taxpayer information.

The tax information may have stemmed from a Florida-based firm called The Payroll Professionals. Krebs figured this out after a source purchased two of the listed W-2 forms stemming from Kirai Restaurant Group LLC. Krebs contacted the restaurant company who said it outsources employee tax forms to The Payroll Professionals.

A representative of The Payroll Professionals confirmed with Krebs that the company was aware of a “potential hacking” and was currently informing customers of the potential problem. Krebs found additional W-2 tax forms on the dark web storefront stemming from companies that use The Payroll Professionals to handle their payroll.

How The Payroll Professionals was hacked is unknown. In a typical scenario, scammers would spoof a bogus email to resemble a high-ranking official in a company and send it to human resources and the payroll department. The email would demand a copy of all employee W-2 data to be returned immediately.

Just days ago, a hacker impersonated Sunrun CEO Lynn Jurich in an email sent to the company’s payroll department and received employee W-2 forms for 2016. The hacker got away with “a substantial portion” of the company’s current and former employee personal and financial information. Luckily, Sunrun’s customer database was not affected by the phishing scam.

“Sunrun recognized the issue within one hour of the scam and immediately began working with the proper authorities,” the company said Friday. “We are committed to the safety and security of our employees’ information and will continue to work diligently to increase the security of our systems and implement tighter controls.”

Taxpayers worried about hackers filing fraudulent claims on behalf of their information can use file form 14039 (pdf) if they believe they are victims of identity theft. Taxpayers can also request a six-digit Identity Protection PIN to help combat fraudulent tax returns.

Topics

Former Digital Trends Contributor

Kevin started taking PCs apart in the 90s when Quake was on the way and his PC lacked the required components. Since then…

Computing

Best early Black Friday deals under $100: Amazon Echo, TVs, headphones and more

The Amazon Echo Pop on a desk.

Update 11/19/24: Black Friday is still over a week away, but you can already start your shopping with the Black Friday deals under $100 that we've gathered here. There's a possibility that these affordable items get even bigger discounts when the sale officially launches, but we won't blame you if you're already tempted by today's prices.

Black Friday will start on November 29, but if you've already got the itch to shop, check out the early Black Friday deals under $100 that we've gathered here. The offers cover smart home devices, laptops, TVs, kitchen gadgets, and so much more, so if you want to start enjoying discounts without blowing your entire budget for the shopping event, take a look at our favorite bargains below.

Computing

Understandably, Stalker 2 is a bit of a mess on PC

Key art for Stalker 2. A character in a lit-up gas mask and a gun on their back.

Stalker 2 is one of those games I never thought would actually release. Originally announced 14 years ago, the project was shelved after developer GSC Game World closed its doors, only to be reignited in 2018. Then, as the originally announced 2022 release of the game approached, Ukraine, where the developer was based, was invaded by Russia.

There are plenty of games that suffer in development hell, but they pale in comparison to the struggles Stalker 2 has gone through. The fact that the game is even here is nothing short of a miracle. Like other titles stuck in development hell, though, Stalker 2 is far from perfect, particularly when it comes to PC performance.

Computing

Nvidia may keep producing one RTX 40 GPU, and it’s not the one we want

The Alienware m16 R2 on a white desk.

The last few weeks brought us a slew of rumors about Nvidia potentially sunsetting most of the RTX 40-series graphics cards. However, a new update reveals that one GPU might remain in production long after other GPUs are no longer being produced. Unfortunately, it's a GPU that would struggle to rank among Nvidia's best graphics cards. I'm talking about the RTX 4050 -- a card that only appears in laptops.

The scoop comes from a leaker on Weibo and was first spotted by Wccftech. The leaker states that the RTX 4050 is "the only 40-series laptop GPU that Nvidia will continue to supply" after the highly anticipated launch of the RTX 50-series. Unsurprisingly, the tipster also reveals that the fact that both the RTX 4050 and the RTX 5050 will be readily available at the same time will also impact the pricing of the next-gen card.