IRS hack larger than reported: 600k+ taxpayers targeted

Today, the IRS said a recent review revealed thieves may have had access to approximately 220,000 additional tax accounts, bringing the total number of victims up to 334,000 – three times the original amount.

In May the IRS reported that identity thieves were able to use the agency’s Get Transcript program to get personal information about as many as 114,000 taxpayers. The unauthorized access happened between February and May. The agency says hackers tried, but failed to access the data of some 280,000 more taxpayers.

“The IRS takes the security of taxpayer data extremely seriously, and we are working to continue to strengthen security for ‘Get Transcript, ‘ including by enhancing taxpayer-identity authentication protocols”, the agency said. In addition, another 111,000 unsuccessful attempts were also found by the IRS.

The IRS reported in May that cyber crooks used stolen Social Security numbers and other data acquired elsewhere to try to gain unauthorized access to prior-year tax return information for about 225,000 U.S. households.

It added that it will soon begin mailing letters in the next few days to the taxpayers whose accounts may have been accessed, offering them free credit monitoring and a new personal identification number to verify the authenticity of next year’s tax returns. A cyberattack on an organization as advanced as the IRS is a disturbing landmark for online hackers looking to steal information. The system was shut down when the problems came to light. The link allowed taxpayers to get copies of their own back tax returns to use, for example, in applying for loans.

The IRS said Monday that thieves started targeting the website in November. The IRS data breach further highlights the growing threat posed by hackers. On Monday, officials did not identify a potential source of the crime. The IRS estimates it paid out $5.8 billion in fraudulent refunds to identity thieves in 2013.