Tax Preparers, Employers, and Financial Institutions:

Have criminals obtained personal identifying information from your employees or clients? Have your databases or systems been breached or infiltrated through malware or a stolen password?

You can help the victims by reporting the details to the IRS and to the state tax agencies. FTA, a nonprofit association of all state tax agencies, has made it easy for you to deal with all 42 income tax states with a single process. This is a free service.

Your first step

Send an email to [email protected] FTA will work with you individually to explain the secure process you can use to report victim information.

What FTA will do (and won’t do)

FTA will pass along your reports of phishing and other incidents to all state tax agencies that administer an income tax.

FTA can accept and securely distribute public data, such as a company name and FEIN. FTA can also accept general information relating to the scheme or data breach. You can send those details through an email to [email protected]

FTA does not handle sensitive information such as W-2s or Social Security numbers or other personal identifying data.
Instead, state tax administrators have created a secure location where you can send sensitive, personal information one time and it can be picked up by all 42 income tax states. FTA will give you instructions on how to submit sensitive data to this location.

What will State Tax Departments do?

Details about compromised W-2s and other stolen data will allow tax agencies to immediately update their refund fraud programs. This helps protect your employees and clients from refund theft. If state tax administrators need additional details from you, they will phone you directly.