Tag Archives: IRS Hack

Breach Brief: Hackers make off with the information of 100K taxpayers in IRS breach

Cyber criminals used the IRS’ online service to access personal information of more than 100,000 taxpayers.

The Internal Revenue Service has confirmed that attackers have compromised the personal information of over 100,000 taxpayers this spring through the agency’s “Get Transcript” application.


What information was affected? Upon initial review, the hackers seem to have gained access to sensitive information such as Social Security numbers, birth dates and street addresses.

When did it occur? At a news conference, IRS Commissioner John Koskinen said criminals made about 200,000 attempts to access tax information, and 100,000 of those attempts made between February and mid-May were successful.

How did it happen? Investigators confirmed that the third parties responsible for the breach cleared a multi-layer authentication process, including Social Security information, date of birth, tax filing status and street address before accessing IRS systems. Since the process also requires an additional step, where applicants must correctly answer several personal identity verification questions that typically are only known by the taxpayer, this means hackers had prior knowledge of their targets’ confidential data even before they began their attack.

What they’re saying: The cyber criminals “gained sufficient information from an outside source before trying to access the IRS site,” the agency’s statement revealed. “The IRS is continuing to conduct further reviews on those instances where the transcript application was accessed, including how many of these households filed taxes in 2015. It’s possible that some of these transcript accesses were made with an eye toward using them for identity theft for next year’s tax season.”

This latest high-profile incident comes amid growing concerns that even the most trusted sites and systems can be used by hackers aimed at infiltrating sensitive industries. With the number of cyber attacks on the rise and no apparent end in sight, how can you ensure that your network and its data are protected?