Malware Update: IRS Grants Tax Filing Extensions to Wolters Kluwer CCH Users

May 11, 2019: The Internal Revenue Service has granted extensions for tax returns due on May 15, including Forms 990, 1120, and 1065, for those impacted by the Wolters Kluwer CCH software service interruption. Here is the official statement from Wolters Kluwer CCH:

The IRS has graciously approved extensions for tax return types 990, 1120 and 1065 filings that were impacted by the May 6 service interruption of Wolters Kluwer CCH software. Impacted filers now have until May 22, 2019, a 7-day extension, to file. The filing will not be considered late, so all penalties and interest will be waived so there will be no additional tax liability.

Wolters Kluwer notified customers about the extension via email on Friday, May 10, 2019. The IRS has provided simple but specific instructions that preparers must follow for any return that is filed after May 15, 2019, but no later than May 22, 2019. The company will be providing those instructions in a separate communication to customers.

Wolters Kluwer is actively working with state tax agencies to gain approval for similar relief. Customers will be updated by Wolters Kluwer via email as new information becomes available.

Wolters Kluwer customers may call 800-930-1753 for dedicated support related to this incident or visit https://taxna.wolterskluwer.com for live chat customer support.

Wolters Kluwer appreciates the IRS’s support in helping to provide relief to impacted customers and thanks our customers for their continued patience as we work to address the effects of this event.

May 10, 2019: This statement was received this morning from the Wolters Kluwer marketing and communications team:

Regarding the May 6 service interruption, I wanted to provide you with an update on the situation. We are making progress toward fully restoring all our applications and platforms.

As you know, we offer a suite of distinct products, and we are scanning and testing each one as we bring them back online fully. We need to do this sequentially, and are doing so in the following order:

· CCH® SureTax® (online)

· CCH Axcess™ (online)

· CCH® AnswerConnect (online)

· CCH® IntelliConnect® (online)

· CCH® Account Research Manager (online)

· Electronic Filing System (ELF for medium and large firm customers)

· ATX™ & TaxWise® desktop electronic filing (online)

Includes 2016, 2017, 2018 electronic filing and Online check printing

· CCH Trust US™ electronic filing (online)

· CCH® Global fx

These following systems are still in process:

· TaxWise® Online™

It’s important to clarify that although there was malware on our network, at this time, we have seen no evidence that customer data and systems were compromised or that there was a breach of confidentiality of that data.

Our investigation is ongoing, and we apologize for the inconvenience this has caused our customers.

May 9, 2019: Wolters Kluwer has provided this update on the recent service outage caused by a malware attack:

On Monday May 6, our monitoring system alerted us to technical anomalies in a few of our applications and platforms. We immediately started investigating and detected the installation of malware. When we detected the malware, we proactively took a broad range of platforms, specifically including the CCH tax software applications, offline to protect our customers’ data and isolate the malware. The service interruptions our customers experienced are the result of our aggressive, precautionary efforts.

On May 7, we were able to begin restoring service to a number of applications and platforms. At this time, we have brought CCH Axcess, CCH SureTax, CCH AnswerConnect, and CCH Intelliconnect back online. Our process and protocols assure a high degree of confidence in the security of our applications and platforms before they are brought back online. We have seen no evidence that customer data and systems were compromised or that there was a breach of confidentiality of that data.

At this time, we have notified law enforcement and our investigation is ongoing. We regret any inconvenience this has caused, and we are fully committed to restoring remaining services as quickly as possible for our customers.

Wolters Kluwer has confirmed that this outage “is mainly centered in the US, not global, with exception of a few application in the UK. All the rest is up and running.”

May 7, 2019: Yesterday, May 6, CCH accounting software users headed to social media to report outages of their software and they speculated on malware attacks. Today Wolters Kluwer CCH is confirming said outages and has stated that they are indeed experiencing a malware attack. Here is the official statement from Wolters Kluwer CCH:

On Monday May 6, we started seeing technical anomalies in a number of our platforms and applications. We immediately started investigating and discovered the installation of malware. As a precaution, in parallel, we decided to take a broader range of platforms and applications offline. With this action, we aimed to quickly limit the impact this malware could have had, giving us the opportunity to investigate the issue with assistance from third-party forensics consultants and work on a solution. Unfortunately, this impacted our communication channels and limited our ability to share updates. On May 7, we were able to restore service to a number of applications and platforms.

We regret any inconvenience and that we were unable to share more information initially, as our focus was on investigation and restoring services as quickly as possible for our customers.

We have seen no evidence that customer data was taken or that there was a breach of confidentiality of that data. Also, there is no reason to believe that our customers have been infected through our platforms and applications. Our investigation is ongoing. We want to apologize for any inconvenience this may have caused.

We will keep you updated as this situation progresses. Meanwhile, please feel free to add your comments below.

Accounting