By Ed Stone
March 1, 2016

In January, hackers launched an automated bot attack against the Internal Revenue Service (IRS). The latest incident followed a 2015 data breach that affected 330,000 people. This time the identity thieves used personal data they stole elsewhere to generate E-file Personal Identification Numbers (PINs) for pilfered Social Security numbers (SSNs). In some cases, those who file a tax return electronically use an E-file PIN to do it.



The IRS announced that it identified and halted the attack, but the hackers successfully used 101,000 stolen SSNs to access E-file PINs. The IRS said the incident didn’t compromise or disclose any personal taxpayer data and reported that it quickly notified affected taxpayers by mail that their personal information had been used in the attempt. Also, the IRS said it would mark the affected taxpayers’ accounts to protect them against tax-related identity theft.


During the first week of February, the failure of IRS tax processing systems blocked the acceptance of many taxpayer returns. But the Service claimed that was unrelated to this attack.


Ed Stone is the senior finance editor at IMA. You can reach him at estone@imanet.org.
0 No Comments
You may also like