In another epic Internal Revenue Service (IRS) crackup with IRS Commissioner John Koskinen at the wheel, highly skilled hackers broke into IRS computers and made off with the personal tax information of at least 100,000 taxpayers and at least $50 million in fraudulent tax refunds – a scheme that began months ago but only discovered now.
According to Koskinen, the thieves gained access to IRS computers through a flaw in the self-help subsystem “Get Transcript” part of the website where taxpayers can get tax returns and other filings from previous years.
To access the information, thieves had to get past a security screen that required knowledge about the taxpayer including Social Security number, date of birth, tax filing status and street address, the IRS said. Koskinen said:
“We’re confident that these are not amateurs.” “These actually are organized crime syndicates that not only we but everybody in the financial industry are dealing with.”
Koskinen was tightlipped on whether overseas criminals were involved or even if they obtained enough personal information about the taxpayers to access their returns. The IRS has launched a criminal investigation. The agency’s inspector general is also investigating.
This is not a new racket for IRS thieves.
One way or another, foreign and domestic fraudsters have been bilking taxpayers through flawed IRS systems for years mostly by filing for fraudulent tax refunds and skipping with the loot before real taxpayers know what hit them – a scheme that tricked the IRS out of $5.8 billion in 2013 alone.
“Eighty percent of the of the identity theft we’re dealing with and refund fraud is related to organized crime here and around the world,” Koskinen said. “These are extremely sophisticated criminals with access to a tremendous amount of data.”
Reactions range from shock to resignation in Congress.
“That the IRS – home to highly sensitive information on every single American and every single company doing business here at home – was vulnerable to this attack is simply unacceptable,” said Sen. Orrin Hatch, (R-UT), chairman of the Senate Finance Committee.
“What’s more, this agency has been repeatedly warned by top government watchdogs that its data security systems are inadequate against the growing threat of international hackers and data thieves.”
Technicians discovered the security breach almost by accident. According to Koskinen, the IRS realized something was wrong when the number of taxpayers seeking transcripts increased suddenly – outside the mean or average for such requests.
Upon further review and deeper digging, the IRS determined that the attack began in February and continued through mid-May when the IRS temporarily shut the self-help feature down.
With little to recommend the advice, the IRS said its main computer system, which handles tax filing submissions was not breached and remains secure.
“In all, about 200,000 attempts were made from questionable email domains, with more than 100,000 of those attempts successfully clearing authentication hurdles,” the agency said.
“During this filing season, taxpayers successfully and safely downloaded a total of approximately 23 million transcripts.”
In terms of monetary theft, Koskinen said about $50 million was successfully stolen out of IRS coffers. For taxpayers, ID theft from the IRS could continue if thieves bank the information and use it again later to attack the system in future years.