Update on IRS data breach: What is next for the IRS and affected taxpayers.
The IRS has revealed additional information on how scammers successfully filed fraudulent returns using information from the IRS’s Get Transcript program. They have also published steps that affected taxpayers can take to protect themselves.
Rather than a hack, it was a scam based on stolen identities.
The IRS uses a multi-step process to verify identities before they allow access. The first part involves the taxpayer submitting personal information including Social Security number (SSN), date of birth, tax filing status, and street address. The second step involves using “out of wallet” questions, an industry standard used by financial institutions. These questions are based on information that only the taxpayer should know, such as the amount of his or her mortgage payment or other personal information. Multiple questions must be answered correctly before the process can be completed. The private information that these hackers used was compiled from sources outside the IRS.
According to the IRS, the source of the attack may have been masked, and the attack may have come from multiple countries with connections to organized crime, not just Russia, as was widely reported by the media. The scammers used stolen identities and were “only” successful about 104,000 times. The IRS said 35,000 of those affected taxpayers had already filed their 2014 tax returns. The IRS said in its announcement of the breach, “It’s possible that some of these transcript accesses were made with an eye toward using them for identity theft for next year’s tax season.” If you were notified that you were part of the breach, monitoring and protecting your accounts is vital for the foreseeable future.
What is the IRS doing to protect you?
The IRS has temporarily shut down the online version of the Get Transcript service. Transcripts can still be requested via the mail service. Requesters must use their Social Security number (SSN) or Individual Tax Identification Number (ITIN), date of birth, and address from their last tax return.
If you were one of the 100,000+ compromised accounts, the IRS will provide a free credit-monitoring service. The IRS is also notifying all of the 200,000 taxpayers whose accounts were the targets of unauthorized access.
In addition, the IRS says it is taking several additional steps to protect victims’ accounts, including tagging the effected accounts in its computer system. If someone tries to file a tax return for one of these accounts through 2016, the IRS will flag the return. According to the IRS, “this incident involves one application involving transcripts - it does not involve other IRS systems, such as our core taxpayer accounts or other applications, such as Where’s My Refund.”
This security breach is just another reminder to be vigilant in protecting your privacy and personal financial documents. If you have any questions about your own tax situation, feel free to contact Ron Hogsett, MBA, EA at (408) 462-9589.