Dear 2nd Story,

I've been a faithful user of TaxAct for enough years that I've lost count.

I expect a company that treats data that is as confidential as a tax return to be exceptionally careful with data security.

I was very dismayed, then, when your support staff asked me to email my tax return file to them so that they could re-create a problem that I am having.

Email is a VERY insecure way of sending data. Even if the identifying information (like SSN) are removed, the identity can be derived from the email address that it was sent from. Email is very easy to intercept, and this could land a full year of your customer's financial data into the wrong hands.

It is a very simple thing to set up a secure website (HTTPS) with a file upload. This would be MUCH more secure than sending it via email. This is just one possible example of a much better way to handle confidential data.

I'm sorry to find out that 2nd Story does not treat customer data more securely than this. It is likely to affect my decision to purchase Tax Act again next year, as it leads me to question how securely you are handling data other places in the system (like e-filing.)

Michael W. Burden
Long time TaxAct Customer