Credential stuffing attacks struck an undisclosed number of TurboTax accounts. Credentials came from an unknown, non-Intuit source. 

Password reuse continues to be a problem that isn't going away soon, even as breach awareness heightens.