With the tax return filing season fully here, identity thieves are ramping up their work in order to beat consumers to the punch. Two online filing companies—TaxSlayer and TaxAct—have already discovered that they were the victims of an outside data breach last fall, one that compromised the highly-sensitive personal identifiable information for many of their customers.

TaxAct was breached in November by unauthorized third party hackers who accessed an estimated 450 clients’ records; this led the company to also suspend an additional 9,000 users’ accounts after they noticed suspicious activity. This week, TaxSlayer announced that it, too, has been the victim of a third party data breach, but this time the thieves were a little more successful, making off with the complete 2014 tax returns of around 8,800 users. In that event, thieves were able to access anything that appears on a completed or draft tax return, including names, birthdates, Social Security numbers, and even dependents’ SSNs.

While there’s no information yet about whether or not the two hacking events are related, there is a striking similarity: in both cases, the security protocols of the companies were not interrupted or misconfigured. The hackers had access to the customers’ user names and passwords, which the companies believe the thieves got from an online source.

Here are some vital steps to take if you’ve received a notification letter from either of these two companies:

  1. File immediately – Stopping an identity thief from stealing your refund is a race against the clock. Considering that this information was stolen between October and December of 2015, there’s an excellent chance that your tax return has already been filed fraudulently, but that’s no reason to throw in the towel. On the off-chance that the thieves haven’t filed a return yet—or that the less likely reason for the hacking wasn’t for tax refund fraud—it’s still possible that your 2015 return is safe.
  2. Change your user name and password – Your letter should have told you to change your user name and password on your tax prep account, but also on all of your other internet accounts. The hackers found your information on an external website and used it to break into your tax prep account; that means they can be going after your email, your online banking accounts, your credit card accounts, and more, especially if you’re using the same password repeatedly.
  3. Take advantage of the credit monitoring – As part of the notification process, your letter offered you a year of free credit monitoring and contained a PIN number you would need in order to set that up with the contracted company. Do NOT disregard this offer! It’s crucial to helping you stay on top of what damage thieves may do with your information, and it also contains liability insurance that protects you from whatever they do with it.

Remember, you don’t have to receive a notification letter to take some of these steps. If you’ve used these or other tax preparation services in the past, it’s a good idea to change your username and password, just to be safe. Of course, filing immediately also means your return is safe if thieves have accessed your information in some other way, and it helps you get your refund faster.