Can’t these guys get anything right? It appears a huge IRS data breach is now double the size the agency originally disclosed, the organization admitted yesterday.
Has your data been lost? You’ll have to watch the mail for a notification, the IRS said.
An additional 220,000 potential victims had information stolen from an IRS website as part of a sophisticated scheme to use stolen identities to claim fraudulent tax refunds, the IRS said Monday. The revelation more than doubles the total number of potential victims, to 334,000 and the IRS is scrambling to figure out how much it may have paid out in phony refunds.
The IRS estimates it paid out $5.8 billion in fraudulent refunds to identity thieves in 2013, when something similar happened.
The thieves accessed a system called “Get Transcript,” where taxpayers can get tax returns and other filings from previous years. In order to access the information, the thieves cleared a security screen that required knowledge about the taxpayer, including Social Security number, date of birth, tax filing status and street address, the IRS said.
The IRS said in a statement that they “will begin mailing letters in the next few days to about 220,000 taxpayers where there were instances of possible or potential access to ‘Get Transcript’ taxpayer account information.”
In all, the thieves used personal information from about 610,000 taxpayers in an effort to access old tax returns. They were successful in getting information from about 334,000 taxpayers.
“The IRS’s failure to protect private and confidential information from cyber-attacks risks further fraud for hardworking taxpayers,” said Sen. Orrin Hatch, R-Utah, chairman of the Senate panel that oversees the IRS. “The agency should act swiftly to alleviate the damage for all those affected.”
Rep. Peter Roskam, R-Ill., said, “Today’s revelation that the IRS didn’t fully understand this security breach for months is not confidence-inspiring.” Roskam chairs a House subcommittee that oversees the IRS.
The IRS said Monday that thieves started targeting the website in November. Originally, investigators thought it started in February. The website was shut down in May.
The Associated Press contributed to this article