H&R Block Client Data Not Impacted by Heartbleed Bug
This week, security researchers announced the discovery of a security flaw in OpenSSL technology called the Heartbleed Bug. OpenSSL is used by some online services to encrypt data over the Internet but the bug may not affect every website.
H&R Block has reviewed it systems and has currently found no risk to client data due to the Heartbleed Bug. We continue to review our systems and are taking the appropriate steps to ensure our H&R Block office and online customers are protected.
In addition, the IRS has said that their systems continue to operate and are not affected by this bug, and they are not aware of any security vulnerabilities related to this situation. The IRS continues to accept tax returns as normal. The advice to taxpayers is to continue filing tax returns, including e-file.
There is no need to change your H&R Block password due to this issue. However, regularly changing passwords is recommended, as well as using different passwords for your various website accounts.