Any tax exempt organizations (e.g., 501(c)(3) nonprofits) that file their annual form 990, 990-N, or 990-EZ online should pay special attention to this security alert issued by the Urban Institute’s National Center for Charitable Statistics (NCCS).  According to the alert: “an unauthorized party or parties have gained access to the Form 990 Online and e-Postcard filing systems for nonprofit organizations.”

Although these 990 filings become public record, organizations’ account information, including  passwords, were compromised. You will be required to change your password the next time you log into the system, which you’re encouraged to do immediately. If you use the same password on different systems accessed by your organization, you should take measures to change all of those passwords as well.

For additional details on the breach, review the FAQs here.

For questions about your organization’s filing obligations or to discuss reinstatement if your organizations tax exempt status has been revoked due to failure to file your 990s, contact Zak Shusterman.