The cyberattack on U.S. taxpayer data reported by the Internal Revenue Service earlier this year now appears to be much worse than originally thought, the agency announced Monday, with as many as 300,000 citizens now believed to be potential victims.
Whereas in May the IRS reported that sensitive information of about roughly 100,000 taxpayers had been stolen by thieves through its "Get Transcript" online application, its latest estimates more than double that number. It's now believed that the thieves potentially gained access to more than 300,000 taxpayer accounts after attempting to breach more than 600,000.
To gain access to the information, the thieves first stole information including Social Security details, dates of birth and street addresses from an outside, non-IRS source. They then used that information to clear a multistep authentication process in the app and access personal tax data on the IRS site.
The Get Transcript app was shut down in May.
In the next few days, the IRS will begin notifying the 220,000 or so newly affected taxpayers. It will also send notifications to approximately 170,000 other households whose personal information could be at risk even though the thieves apparently failed in their efforts to access it through the IRS system.
The IRS is offering free credit protection and "Identity Protection PINs" to those affected.
“The IRS takes the security of taxpayer data extremely seriously," the agency said. "We are working to continue to strengthen security for `Get Transcript,’ including by enhancing taxpayer-identity authentication protocols.”
The breach remains under review by the Treasury Inspector General for Tax Administration as well as the IRS Criminal Investigation unit.
Next read this:
- 7 management books every CIO must read
- CIOs battle product management pitfalls
- Top IT spending priorities for 2021
- 10 technologies that will disrupt business in 2021
- How to build (and sustain) high-performing IT teams
- Why IT projects still fail
- 10 future trends and how CIOs can keep ahead in 2021
- 10 most misused buzzwords in IT
- CIO resumes: 9 best practices and 8 strong examples
- 6 hot infrastructure and operations trends — and 5 going cold
- Top 5 strategic priorities for IT leaders in 2021