With identity theft-related tax fraud such a lucrative enterprise for scammers, it should be no surprise that the Internal Revenue Service (IRS) has been the target of a hack attack.
The agency has disclosed that hackers penetrated security systems and obtained access to the tax records of as many as 100,000 taxpayers. For an identity thief, it’s like hitting the jackpot.
With your tax return a criminal not only has access to your Social Security number, he or she knows a lot about you. The hacker can see where your sources of income came from and next year, file a bogus return in January that is a dead ringer for the one you filed this year. If the attack went undetected the IRS wouldn’t bat an eye before sending out a refund – not to you but to the scammer filing your return.
In an email to ConsumerAffairs Wednesday, Leah, a taxpayer in Georgia, reports she has been an apparent victim of identity theft-related tax fraud. When she filed her return earlier this year, expecting a $3000 refund, she learned that the IRS had already processed her return.
“The original refund was addressed to someone in Texas,” she wrote. “I live in Georgia.”
Chances are, there could be many other cases like Leah’s next year.
The part of the IRS that was compromised is a section called Get Transcript. Taxpayers who have created an account at IRS.gov may log in and obtain transcripts of their tax records for previous years. People applying for a mortgage often need to do this.
If you have not set up a Get Transcript account, you should not be at risk in this breach. Taxpayers attempting to log into the Get Transcript website Wednesday are greeted with this message:
Alert: The online Get Transcript service is currently unavailable. Transcripts may still be ordered using the Get Transcript by Mail service. We apologize for any inconvenience.
To log in normally, a taxpayer enters a user name and password. The people who hacked the system had that information.
A second tier of security then asks a security question that the account holder selected and answered when setting up the account. In about half the cases, the IRS says the hackers knew the answer. Of the 200,000 accounts targeted, about 100,000 were breached.
That suggests this breach was highly sophisticated and targeted, not random. Officials speculate, for example, that by combing social media sites hackers were able to learn information about their potential victims that would help them answer those security questions – what was your high school’s mascot, for example.
In addition, to disabling the Get Transcript portion of its website, the IRS said it has taken steps to protect taxpayers. They include:
In addition, the IRS said it is flagging the underlying taxpayer accounts on its core processing system to alert for potential identity theft to protect taxpayers going forward — both right now and in 2016.