The Internal Revenue Service admitted on Tuesday that it had become the most recent victim of hackers. Approximately 100,000 tax accounts were accessed. Another 100,000 attempts proved unsuccessful.
In this post, we will discuss how the hackers accessed the accounts. Next week, we will look at why the agency may have been at a higher risk. In a third part, we will discuss tips to protect your data.
The breach did not affect the main IRS computer system that processes tax filings. This means the agency continues to process payroll taxes and Form 990s, which were due from nonprofits at the beginning of the month. It also continues work on tax audits.
A coordinated effort
The well-planned attack apparently began back in February. The IRS statement said that hackers acquired taxpayer information (likely purchased from other sources) and then used it to answer personal identity questions on the IRS “Get Transcript” application. With 200,000 queries over four months, the hackers had to bring in a lot of support in a coordinated effort.
Information stolen included taxpayer:
- Social Security information,
- Addresses, and
- Birth dates.
The Get Transcript application allows taxpayers to view tax payments, wage and income data for specific tax years along with line-by-line tax return information. The IRS reported that about 23 million taxpayers securely accessed transcripts last year.
For the 100,000 taxpayers whose information was compromised, the agency will offer free credit monitoring services. The IRS shut down the application while the IRS’ Criminal Investigations unit and the Treasury Inspector General for Tax Administration Criminal (TIGTA) review what happened.
Chronic under funding of the agency and older technology could have left the agency exposed. We will discuss these contributing factors, including how they are affecting the agency more broadly.
Source: USA Today, “IRS hacked, 100,000 accounts breached,” Elizabeth Weise, May 26, 2015