Turbotax web application security vulnerability.

  security turbo_tax vulnerability web_applications wtf

A customer of the Turbo Tax web application discovered by accident that it is possible to look at tax information belonging to other customers who happen to share your last name by attempting to view past tax filings. By 'tax information' I mean everything, from Social Security Numbers to bank account numbers and routing codes.

Here's hoping they audited the code in that web app and fixed it before anyone else had a chance to discover the bug, and take advantage of it.