Stolen W-2 Tax Form Data Up for Grabs on the Dark Web

Updated on:
network and data protection
Internet security experts have warned of W-2 tax form data being sold on the dark web. The data can be used to fraudulently obtain tax refunds.

It is common knowledge today that the dark web is a major facilitator of many cybercrime incidents.

A large percentage of dark web transactions involve the buying and selling of fraudulently-obtained troves of confidential data.

As the United States 2016 tax season continues, fraudsters are once again ready to take advantage of tax returns.

According to a recent report by Brian Krebs, hackers are selling stolen W-2 tax forms on a dark web marketplace.

Krebs, an internet security researcher, brought to light that a dark web shop is dealing with the W-2 tax forms alongside PayPal account logins, credit card data, and compromised computer access.

The unidentified dark web shop indexed the tax information of over 3600 citizens.

Your TOR usage is being watched

The information therein includes the victims’ employer names, addresses, social security numbers, and employer IDs, as well as wage data from 2016 and withheld taxes.

Interestingly, all of the affected individuals are residents of Florida.

Anonymous mask to hide
According to a recent report by Brian Krebs, hackers are selling stolen W-2 tax forms on a dark web marketplace.

Reports indicate that a W-2 tax form/record is going for between $4 and $20 worth of Bitcoin, depending on the wages of the affected employees.

Since fraudsters can collect higher tax refunds from high-wage employees, those W-2 records cost significantly more.

Once an individual purchases the tax data, they can attempt to defraud the Internal Revenue Service (IRS) by impersonating the victim.

The exact methods that were used employed to obtain the tax form data is not conclusively known.

However, there is some evidence that the data might have been leaked from The Payroll Professionals, a local tax preparation company.

Some of the tax records in the dark web platforms apparently belong to employees from Kirai Restaurant Group and a medical office in Boca Raton.

According to Krebs’ report, these two Florida-based businesses enlisted the services of The Payroll Professionals.

A representative of the firm revealed that they were aware of the possible breach and were preparing to inform the affected clientele.

There is unfounded speculation that the hackers employed a phishing, a common method for stealing employee data from employers.

Phishing works by sending false emails to Human Resource personnel or payroll department workers, with the hackers posing as a higher-ranking employee within the same organization and proceed to request the tax related data.

Unfortunately, this social engineering technique often has a high success rate.

This and other techniques result in hundreds of thousands of tax fraud cases in the US every year.

Documentation from the Federal Trade Commission revealed that tax refund fraud made up a significant portion of 2015’s identity theft complaints.

Less than a month ago, Sunrun was the victim of such an attack.

This solar panel manufacturer suffered a phishing cyber-attack that resulted in the leak of more than 3,400 W-2 tax form records.

While it is possible that tax data available on the dark web is as a result of phishing, the chances are very low.

There are several ways through which Americans can mitigate this and other forms of tax fraud.

In such a case where the data is openly available on dark web platforms, the best course of action is filing tax returns as soon as possible before the fraudsters do.

This applies to all employees regardless of their tax status.

It is also good practice for an employee to monitor credit by requesting credit reports regularly from their respective credit bureaus.

Employees can also file Form 14039, an official statement documenting the possibility of identity fraud victimhood.

The government can also issue a six-digit Identity Protection PIN at the citizen’s request, which serves to tackle tax return fraud.

Write for us


The articles and content found on Dark Web News are for general information purposes only and are not intended to solicit illegal activity or constitute legal advice. Using drugs is harmful to your health and can cause serious problems including death and imprisonment, and any treatment should not be undertaken without medical supervision.


  1. Anonymous

    How to get invited


Please enter your comment!
Please enter your name here

This site uses Akismet to reduce spam. Learn how your comment data is processed.