Los Angeles County Office of Education investigating tax records breach

Fraudsters reportedly gained access to electronic tax records of teachers and administrators at certain schools administered by the Los Angeles County Office of Education and filed fraudulent tax returns on their behalf.

 

Earlier this week, the Southern California News Group, an umbrella organisations for multiple daily newspapers operating in the Greater Los Angeles area, said that the data breach affected multiple schools administered by LACOE, forcing the organisation to temporarily disable its online tax returns filing portal.

 

LACOE utilises services from W2Copy which provides electronic W2 forms to teachers and other employees to enable them to file tax returns. The service also allows schools to report employee earnings, tips and tax withholdings. 

 

The news came to light after several teachers and administers at LACOE-operated school districts reported fraudulent tax returns filed on their behalf, raising the possibility of a significant breach of their personal and protected financial information by malicious actors.

 

LACOE said it had temporarily disabled its tax filing portal while it investigated the issue and advised teachers and employees to stay vigilant against rising instances of fraud and identity theft during the tax filing season.

 

“While the investigation is ongoing, there are early indications that Social Security numbers were used to file fraudulent tax returns and some cases may have involved the use of dependent’s information as part of the fraudulent filings,” said LACOE’s chief technology officer Jose Gonzalez and chief financial officer David Hart in letters sent to school administrators.

 

“It is important to acknowledge that this type of activity reflects a broader environment where organisations across the country are constantly confronting evolving threats related to cybersecurity and identity theft. Accordingly, we encourage all districts and employees to remain highly vigilant,” they added.

 

W2Copy said in a statement that its investigation into the reported tax filing fraud did not provide any evidence of a data breach or misuse of employees’ credentials. It also specified that no other organisation reported instances of fraudulent tax filing. 

 

“Specifically, the investigation found that all login activity to the portal observed during the review utilised valid, system-recognized credentials and successfully completed authentication through the standard login process,” W2Copy said. “No evidence was identified indicating the use of invalid credentials, authentication bypass, or compromise of the portal’s login mechanism.”

 

W2Copy enforces two-factor authentication on its tax filing platform, sending six-digit confirmation codes to users’ email addresses when they sign up or register for paperless tax documents. The company says it uses data encryption to protect employers’ and employees’ sensitive information.