Hackers got access to personal information of taxpayers who used the IRS online ‘get transcript’ application. The IRS said in a May 26 statement. “It’s possible that some of these transcript accesses were made with an eye toward using them for identity theft for next year’s tax season.”
The root of the problem seems to be third-party sources that sell personal information. The hackers were able to bypass authentication steps and get access to more sensitive information.
The IRS branded the hack as a sophisticated effort. “Third parties succeeded in clearing a multi-step authentication process that required prior personal knowledge about the taxpayer, including Social Security information, date of birth, tax filing status and street address before accessing IRS systems,” the IRS said. “The multi-layer process also requires an additional step, where applicants must correctly answer several personal identity verification questions that typically are only known by the taxpayer.”
The hackers reportedly attempted more than 200,000 accounts and the final count of successful access totaled more than 100,000 accounts. Investigations are being conducted and free credit monitoring services are being offered to hacked account owners. Senate Finance Committee Chairman Orrin Hatch, R-Utah said, “This agency has been repeatedly warned by top government watchdogs that its data security systems are inadequate against the growing threat of international hackers and data thieves. The IRS – home to highly sensitive information on every single American and every single company doing business here at home – was vulnerable to this attack is simply unacceptable,”
If you need to learn how to protect personal information, read this article – An optimal approach to safeguarding sensitive data.
For more on the IRS breach story go to this link.