Vintage and craft marketplace Etsy has said that the US tax details of 1500 sellers were made public in a data breach.
This wasn’t a case of a hack or computer attack but rather an incident of human error. The error happened on January 30th 2018 when one Etsy seller requested a copy of their 2016 federal 1099 tax form. An Etsy staff member sent the seller more than they bargained for and shared the tax details of 1500 sellers. They have since contacted all the sellers concerned and sought to reassure them that there has been no ill-use of the data.
As Etsy said in a statement:
While providing that information to the Etsy seller, your Etsy 2016 federal 1099 tax form was inadvertently disclosed to the seller. The seller reported the incident to us, and our security team confirmed with the seller that the information was deleted from the seller’s system the same day. We have no reason to believe that the information was misused in any way.
– Etsy
The US tax form 1099 is sent to individuals and businesses when the marketplace processes payments of $20,000 or 200 transactions in any one year. The information is also disclosed to the IRS (the US tax authority) and several states who also require the information for local tax purposes
The personal information included on the form of concern comprises of the tax identification number (TIN) of the sellers. Sometimes sellers will use their social security number as their TIN, especially if they sell in lower volumes.
It seems most likely that this problem has been exclusively one that has affected US sellers. And in any case, it also seems that the accidental recipient of the data has been responsible and reported what appears to be an honest mistake and error immediately to Etsy. And they too have been responsible in their open and honest communication of the problem. So hopefully no harm has been done.
Were you affected?