The Urban Institute’s National Center for Charitable Statistics (“NCCS”) reported this week that hackers tapped into its online filing system for Forms 990, 990-EZ, 990-N, and 8868 (Application for Extension), as well as state filings for Hawaii, Michigan, and New York. According to the report, information including e-mail addresses, usernames, passwords, individual names, and IP addresses of filing nonprofits all were accessed and retrieved by the hackers. As many as 700,000 organizations might have been affected, according to The Hill.
The hacked files did not include Social Security numbers or credit card information, according to the Urban Institute, and The Hill reports that “there is apparently no evidence that tax filings themselves were compromised.”
Any organization that has used the NCCS system to submit any of the filings identified above should (if it has not already) change its password on the system, and login information on any other system using the same username and/or password that was used at NCCS.