more info Menu

IRS Says Cyberattacks More Extensive Than Previously Reported

The IRS said yesterday that more than twice as many taxpayer accounts were hit by identity thieves than the agency first reported, with hackers gaining access to as many as 330,000 accounts and attempting to break into an additional 280,000.

The breaches occurred in an online application called “Get Transcript” that allowed taxpayers to obtain prior-year return information. The IRS shut the online system after the hacking came to light.IRS scam

Government investigators previously said they believe many of the attacks came from criminals operating in Russia as well as other countries. They didn’t elaborate Monday on who they think was behind the attacks.

Prior-year tax data can be highly useful to crooks in filing fake tax returns that seek fraudulent refunds. The IRS faces an epidemic of fraudulent returns, with officials estimating the government paid out about $5.8 billion in phony refunds claims to identity thieves in 2013 alone.

The IRS has said that to obtain taxpayer information through the system, hackers had to navigate a multistep authentication process requiring personal knowledge about the taxpayer, including Social Security number, date of birth, tax filing status and street address. The process also involved answering personal questions such as “What was your high school mascot?”

To get through the authentication, IRS officials believe attackers became adept at aggregating personal data from multiple sources.

Some tax preparers are frustrated by both the growth of tax ID theft and what they see as delays in resolving the issue.

Original Story at WSJ