By AAT Comment Anti-money launderingHMRC responds to criminal ‘hack’ attempt5 Jun 2025 An update from HMRC on criminals’ attempts to gain unauthorised access to HMRC services through user accounts.What’s happenedHMRC has identified 100,000 tax accounts – approximately 0.22% of its customers – were targeted in recent attempts to access online services. The department has been clear that this was not a cyber-attack but instead involved criminals using personal information from various sources (such as phishing activity or data obtained through other organisations) to access HMRC services. These were attempts to claim money fraudulently from HMRC, not from its customers. HMRC has issued reassurances that no customers have experienced, or will experience, financial loss because of this incident.Action takenHMRC has taken action to protect its customer data and secure affected accounts as soon as possible. This includes:Writing to inform all those impacted that they have detected unauthorised attempts to access their online HMRC account, reassure them that their account has been secured, and that they have not suffered any financial loss.Setting up a guidance page on GOV UK which will be regularly updated. Online searches for ‘unauthorised access of HMRC online accounts’ will also direct internet users towards this page.Working with UK and international law enforcement agencies to investigate and bring those responsible to justice.HMRC also reminds all customers to: Be cautious of unexpected emails, texts, or phone calls claiming to be from HMRC.Practise good ‘cyber hygiene’: for example, never share your Government Gateway login details with anyone and don’t reuse old passwords.Check HMRC’s guidance on recognising genuine contact at GOV UK.Report suspicious activity to [email protected].AAT members who are onboarding new clients to HMRC’s customer accounts are asked to be particularly vigilant.AAT is continuing to work with HMRC to understand the impact of this incident on our members and will update this page with any additional information that we receive.AAT’s reactionWe’re aware of reports that up to 100,000 HMRC customer accounts may have been compromised. AAT is working with HMRC to understand the impact and have shared guidance with our members and will continue to support them through this period.It’s essential that taxpayers, agents and businesses can access HMRC systems securely, without disruption and with confidence.This incident highlights the importance of continued investment in HMRC’s digital infrastructure. With next week’s Spending Review fast approaching, it’s crucial that HMRC is properly resourced to strengthen its cyber resilience and protect the integrity of the tax system. AAT Comment offers news and opinion on the world of business and finance from the Association of Accounting Technicians.