Oklahoma Tax Commission Data Breach Exposes Personal Information

Severity: Medium (Score: 51.9)

Sources: Okcfox

Summary

The Oklahoma Tax Commission has reported a security incident involving unauthorized access to personal data through its online taxpayer portal, OK-TAP. Letters dated March 27, 2026, were sent to affected individuals, indicating that their personal information, including Social Security numbers, was compromised. The breach was discovered in December 2025, with unauthorized access occurring from September 18, 2025, to December 20, 2025. The agency has engaged third-party cybersecurity specialists to investigate the incident and assess the extent of the data accessed, which includes W-2 and 1099 files. Although the exact number of affected individuals is unknown, the Tax Commission has begun notifying those impacted. Experts warn that the stolen data could be used for identity theft and tax fraud. The agency is implementing additional security measures to prevent future incidents. However, there has been no response to inquiries about the delay in notifying affected individuals. Key Points: • Oklahoma Tax Commission's online portal breach exposed personal data of residents. • Unauthorized access occurred from September 18 to December 20, 2025. • Affected individuals are advised to utilize free credit monitoring and fraud alerts.

Key Entities

• Data Breach (attack_type)
• Oklahoma Tax Commission (company)
• Ok-tap (platform)