Oklahoma Tax Commission Confirms Data Breach Affecting Taxpayer Files
The Oklahoma Tax Commission (OTC) recently disclosed a data breach involving unauthorized access to sensitive taxpayer information within its Oklahoma Taxpayer Access Point (OkTAP) system. The incident, detected in December 2025, prompted an immediate investigation with the help of third-party cybersecurity and digital forensics experts.
According to notifications sent to affected individuals in late March 2026, the breach involved unauthorized access to W-2 and 1099 tax files between September 18, 2025, and December 20, 2025. While the OTC has not disclosed the total number of impacted individuals, it confirmed that the breach extended beyond state employees. Those affected were offered complimentary credit monitoring and fraud assistance services.
The OTC stated that, as of now, there is no evidence that the exposed data has been used for identity theft or fraud. In response to the incident, the agency has implemented additional security measures to prevent future breaches. The delay between discovery (December 2025) and notification (March 2026) was not explained.
The OTC reiterated its commitment to safeguarding taxpayer data and expressed regret over the incident. The IRS assisted in identifying the suspicious activity, though further details on the breach’s origin remain undisclosed.
Source: https://www.okenergytoday.com/2026/04/tax-commission-confirms-data-breach-of-taxpayers-files/
Oklahoma Tax Commission cybersecurity rating report: https://www.rankiteo.com/company/oklahoma-tax-commission
"id": "OKL1775075851",
"linkid": "oklahoma-tax-commission",
"type": "Breach",
"date": "9/2025",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"{'affected_entities': [{'customers_affected': 'Taxpayers (number undisclosed)',
'industry': 'Public Sector',
'location': 'Oklahoma, USA',
'name': 'Oklahoma Tax Commission',
'type': 'Government Agency'}],
'customer_advisories': 'Complimentary credit monitoring and fraud assistance '
'services offered to affected individuals',
'data_breach': {'file_types_exposed': ['W-2', '1099'],
'personally_identifiable_information': 'Yes',
'sensitivity_of_data': 'High (Personally Identifiable '
'Information, Financial Data)',
'type_of_data_compromised': 'Tax files (W-2, 1099)'},
'date_detected': '2025-12-01',
'date_publicly_disclosed': '2026-03-01',
'description': 'The Oklahoma Tax Commission (OTC) disclosed a data breach '
'involving unauthorized access to sensitive taxpayer '
'information within its Oklahoma Taxpayer Access Point (OkTAP) '
'system. The breach involved unauthorized access to W-2 and '
'1099 tax files between September 18, 2025, and December 20, '
'2025. Affected individuals were offered complimentary credit '
'monitoring and fraud assistance services.',
'impact': {'brand_reputation_impact': 'Yes',
'data_compromised': 'W-2 and 1099 tax files',
'identity_theft_risk': 'Potential',
'systems_affected': 'Oklahoma Taxpayer Access Point (OkTAP)'},
'investigation_status': 'Ongoing',
'post_incident_analysis': {'corrective_actions': 'Additional security '
'measures implemented'},
'references': [{'source': 'Oklahoma Tax Commission Notification'}],
'response': {'communication_strategy': 'Notifications sent to affected '
'individuals in March 2026',
'incident_response_plan_activated': 'Yes',
'remediation_measures': 'Additional security measures '
'implemented',
'third_party_assistance': 'Cybersecurity and digital forensics '
'experts'},
'title': 'Oklahoma Tax Commission Data Breach Affecting Taxpayer Files',
'type': 'Data Breach'}