IRS WISP Builder Tool | Protect Your Accounting Firm: Navigating the Largest Data Breach Ever & WISP
Log in
Resources & News

Protect Your Accounting Firm: Navigating the Largest Data Breach Ever & WISP

June 27, 2025
IRS WISP Builder Tool | Protect Your Accounting Firm: Navigating the Largest Data Breach Ever & WISP

The Record-Breaking Data Breach: Protecting Your Accounting Firm Now

Why WISP Compliance is Your Firm’s Best Defense Against Cyber Threats

In June 2025, Cybernews reported what may be the largest credential leak in history—a staggering 9.9 billion unique passwords and login records exposed in a single dataset. This massive breach, compiled from past leaks and fresh logs from infostealer malware, highlights just how vulnerable businesses of all sizes really are.

Yes, nearly 10 billion credentials—yours may be among them. What Happened?

Cybercriminals collected years’ worth of stolen credentials—many from devices infected by malware that silently harvested login data. The result: a searchable “mother of all breaches” (MOAB) now circulating among hackers.

This isn’t just big—it’s historic. And small firms, especially in regulated industries like tax, accounting and finance, are at even greater risk.

Why It Matters for WISP Compliance

If you’re collecting or storing personal client data and don’t have a Written Information Security Plan (WISP) in place, this breach could be a legal and financial nightmare waiting to happen.

If You Don’t Have an IRS WISP:

  • You may fail IRS and FTC compliance checks.
  • Your e-filing privileges could be revoked.
  • Cyber insurance claims may be denied.
  • And yes—you could face penalties of $43,792 per day.
  • READ MORE about IRS WISP compliance here

What you should do immediately as a tax and accounting pro:

  1. Identify and change passwords that have not been changed in some time.

  2. Double check that MFA (Multi-factor authentication) is turned on, on ANY and ALL accounts.

  3. Review your WISP (Written Information Security Plan). Pay special attention to policies and procedures regarding the accounts that were breached.

  4. Inform your employees.  Now is a great time to hold security training for your group.

  5. Check your credit reports for any suspicious activity

If you wish to learn more about cybersecurity smarts and the regulations that drive it, check out our IRS-Mandated WISP Builder Solution to learn more and take advantage of tools that can help you today.

 

cybersecurity planningdata security accountingdo i need a wispirs mandated wispIRS WISPirs wisp auditpub 5709written information security plan
Next
Cybersecurity Planning for Accountants: How to Protect Client Data from Cyber Threats
Privacy Settings
We use cookies to enhance your experience while using our website. If you are using our Services via a browser you can restrict, block or remove cookies through your web browser settings. We also use content and scripts from third parties that may use tracking technologies. You can selectively provide your consent below to allow such third party embeds. For complete information about the cookies we use, data we collect and how we process them, please check our Privacy Policy
Youtube
Consent to display content from - Youtube
Vimeo
Consent to display content from - Vimeo
Google Maps
Consent to display content from - Google
Spotify
Consent to display content from - Spotify
Sound Cloud
Consent to display content from - Sound
Save