On Tuesday, the Internal Revenue Service disclosed that more than 100,000 individuals had their historical tax returns exposed from February to mid-May.
The data breach occurred when thieves accessed previously filed tax returns using the IRS’ system “Get Transcript,” which was available on their website. “Get Transcript” provides taxpayers with their historical returns, which are typically required when applying for loans or college aid.
Individuals must go through a multi-factor authentication process in order to create an IRS.gov account and access this information; however, these criminals had enough previously stolen personally identifiable information (PII) to pass the IRS’ security screening.
The screening entailed knowing an individual’s name, Social Security number, birth date, street address and “out of wallet” information such as a person’s first car or high school mascot.
During the four-month window, the IRS received more than 200,000 attempts to view past returns using questionable email domains. Only about half of these attempts were successful.
Successful attempts provided thieves with the following personal information:
- Place of employment
- Bank account information
- Personal family information
The IRS has since shut down “Get Transcript” to prevent further fraud. Taxpayers may still request their historical records by mail.
It is believed these historical tax returns were stolen to help further perpetuate identity crimes against these individuals. With these additional intimate details, plus a clear picture of what that individual’s tax return typically looks like, it will be easier for thieves to create more realistic tax returns in the future —further helping to allude to the abuse and giving criminals a significant leg up.
Newsweek reports that John Koskinen, the IRS Commissioner, would not comment on whom the attackers might be and if such attacks are coming from overseas or within the U.S.
“We’re confident these are not amateurs. These are actually organized crime syndicates that not only we but everyone in the financial industry are dealing with,” Koskinen said.
It’s not surprising that these thieves would take such drastic measures to create realistic tax returns; to them this is a booming business. In 2013, the IRS estimates it paid out $5.8 billion in fraudulent refunds to identity thieves. That number is expected to grow unless stark security measures are implemented.
What should you do?
The IRS is currently notifying impacted individuals. It is important to note that taxpayers who had previously registered to access their historical tax returns on IRS.gov will not impacted by this breach.
Due to the sensitive nature of the information that these cybercriminals posses, anyone who may have been potentially impacted by this breach should be vigilant about minimizing fraud risks, including taking the following actions:
- Check your credit report
- Monitor your bank statements regularly
- Watch for spam or phishing attempts via phone or email
- Obtain an Electronic Filing PIN from the IRS
- Always file your taxes early
The views and opinions expressed in this article are those of EZShield Inc. alone and do not necessarily reflect the opinions of any other person or entity, including specifically any person or entity affiliated with the distribution or display of this content.