Turbotax has a new feature that tracks the dates, times, and approximate locations your account was accessed. You can log in and check this feature. Make sure you log in by typing the address in your web browser and check for the padlock icon that means you have a verified connection. Click Account Tools, then Security, then scroll down for access history.
Be aware that the date and time will be accurate, but the location may be less accurate, especially if you are using a cell phone. Determining location from an internet address is notoriously prone to error. But, any overseas access is definitely a problem. If there are log ins you don't recognize, you can call customer support, and also take steps (below) to secure your account better.
To secure your account, log in to your Turbo tax account by typing the address into your browser window, and make sure your browser shows a padlock icon or whatever symbol it uses to indicate a secure verified connection. Change your password, and make sure it is not something you use on other web sites. Change your security question to something that a crook could not guess from social media. Make sure your email address and cell phone number are up to date as Turbotax may use that to help verify future attempts to log in.
You also have the option to turn on 2-factor authentication for all log-ins. With 2-factor authentication, Turbotax will send a code to your email or cell phone when you try to log in. The idea is that only someone who knows your password and also has possession of your phone will be able to log in, this is more likely to be the real you. Turbotax will use 2-factor authentication whenever you log in from a computer that turbotax does not recognize, but you can turn it on for all log-ins in your security settings.
Also see these two FAQ's on the new email alerts being
sent about possible suspicious situations involving your information: