Washington – The IRS said Friday that the number of taxpayers whose tax information may have been stolen by computer hackers now exceeds 700,000 — more than double the agency’s previous estimate.
Subscribe to our Daily Roundup Email
The tax collecting agency said 390,000 more taxpayer accounts may have compromised than the 334,000 it warned about a year and a half ago. The breach was first discovered in May 2015, and the increase first reported by The Wall Street Journal.
The sensitive information can be used for identity theft or to claim fraudulent tax refunds.
The thieves accessed a system called “Get Transcript,” where taxpayers can get tax returns and other filings from previous years. In order to access the information, the thieves cleared a security screen that required knowledge about the taxpayer.
The IRS says it is immediately moving to notify taxpayers, offering identity theft protection services and giving them access to a program that assigns them special ID numbers that they must use to file their tax returns.
“The IRS is committed to protecting taxpayers on multiple fronts against tax-related identity theft,” said IRS Commissioner John Koskinen. “We are moving quickly to help these taxpayers.”
In addition, hackers have tried to access almost 600,000 additional IRS accounts in an attempt to gain private information on taxpayers.
The IRS has earlier said that agency investigators believe the identity thieves are part of a sophisticated criminal operation based in Russia.
It’s sadly becoming more commonplace to read stories that show how poor a job those responsible for maintaining sensitive information do in securing it, not just in government, but in industry, too. It’s not that they aren’t aware of the problem, but that they aren’t trained or financed sufficiently to put in place adequate protection.
We tend to assume that those who breach networked computer systems are equipped with science-fiction level financing and sophisticated systems and personnel unavailable to bank, hospital, military and industrial facilities, but that just isn’t so.
When one reads the journals that analyze case studies of such breaches, one realizes that most breaches occur because of a lax attitude towards safeguards.