Internal Revenue Service Data Breach (2015)
In May 2015, the Internal Revenue Service (IRS) announced a significant data breach where identity thieves exploited stolen personal information to access the IRS's online "Get Transcript" service. This breach allowed unauthorized individuals to view tax returns for hundreds of thousands of U.S. taxpayers, leading to concerns about potential fraudulent tax refunds. Initially reported to affect over 100,000 households, the number was later revised to approximately 334,000, with estimates suggesting that the personal data of up to 610,000 taxpayers may have been compromised.
Following the discovery, the IRS suspended the "Get Transcript" service and began offering free credit monitoring to affected individuals. This incident highlighted broader vulnerabilities within government and private sector data security, as it occurred amidst several other high-profile breaches in 2015, including one at the Office of Personnel Management. In response to the breach, IRS officials, including Commissioner John Koskinen, testified before Congress about enhanced cybersecurity measures and the agency’s efforts to assist victims. The fallout from the breach raised important questions about the integrity of sensitive personal information stored online and the ongoing challenges of protecting it from cyber threats.
Internal Revenue Service Data Breach (2015)
In May 2015, it is announced that identity thieves used stolen Social Security numbers and other pieces of personal data to access the Internal Revenue Service's (IRS's) online "Get Transcript" service to view the previous year's tax returns for hundreds of thousands of US taxpayers. Once the thieves were inside the IRS's website, they were able to gain additional information about these people, which might allow them to receive fraudulent tax refunds from the IRS. (In recent years, the IRS has sent identity thieves upward of $5.8 billion in tax refunds.)
The IRS initially announced that more than 100,000 US households had been affected by the data breach. That number was revised to 334,000 in August, with an additional several hundred thousand people having had their personal information viewed by hackers. Since the hack was discovered, the IRS has shut down the Get Transcript service and has offered free data monitoring and other help to those who have been the victims of this hack. The IRS data breach is but one of a number of hacks to government websites. During the same summer, the Office of Personnel Management (OPM) was hacked, with more than 21.5 million government employees impacted and, in 2014, hackers got the personal information of approximately 800,000 employees of the US Postal Service. The hacks to servers of both government agencies, as well as to private companies such as Ashley Madison, highlight the vulnerabilities of storing private information on network servers.
Date: The public first learned of the data breach at the IRS, in which hundreds of thousands of US taxpayers have had their information viewed and/or stolen by identity thieves, in May 2015.
Place: Washington, DC, headquarters of the IRS
Key Events
- 2012-IRS sends 343 income-tax refund checks to one address in Shanghai, China, and another 655 refund checks to one address in Lithuania.
- 2013-IRS pays out $5.8 billion in fraudulent refunds to identity thieves, but prevents between $22 and $24 billion in fraudulent refunds from being issued. That same year, on May 15, acting IRS chief Steven Miller resigns when it is discovered that the IRS is unfairly targeting Tea Party organizations for closer scrutiny on 501(c)(4) applications.
- November 2014-The hack of the online IRS Get Transcript service begins but no one will suspect it for months. Investigators initially believe the hack began in February 2015.
- May 2015-IRS reports that its systems have been hacked and that more than one hundred thousand US households have been impacted.
- June 2015-IRS commissioner John Koskinen testifies before Congress about how the IRS is attempting to secure personal data and requests additional funding to prevent cyberattacks and data breaches.
- August 2015-IRS reports that the data breach was much larger than initially suspected. About 334,000 US households have had their data hacked, and thieves may have looked at the personal information for many other taxpayers, raising the potential total of victims to 610,000 taxpayers.
Status
As of late 2015, the IRS has shut down the online Get Transcript service and instead offers to send transcripts to taxpayers by mail. It has also begun contacting all of the victims of the data breach and has offered to give them free access to a data-monitoring service to ensure that hackers are not using their information to rack up fraudulent charges on credit card accounts, for example. The IRS is also tightening its safeguards to protect its servers from renewed cyberattacks. Despite calls in the US Congress for the resignation of IRS commissioner John Koskinen, President Barack Obama says he has no plans to fire him.
In-Depth Overview
In recent years, hackers have sought to gain personal information from a variety of computer servers, in both the private and public sectors. They use the personal information they gain primarily to open credit card accounts and make fraudulent charges using the identities of their victims, but they can also use that same information to undertake acts such as blackmail.
The IRS has also had its data breached. In 2012 and 2013, the IRS paid out billions of dollars in fraudulent tax returns. The largest data breach of the IRS's servers, however, began in November 2014, although no one knew it then. Using stolen Social Security numbers and other pieces of personal information, hackers accessed income-tax transcripts of hundreds of thousands of US taxpayers through the IRS's online Get Transcript service. In May 2015, it was revealed that more than 100,000 US households had been the victims of this hack; in August, the IRS added another 220,000 potential victims to that list, raising the number to 334,000. Additionally, other taxpayers have had their personal information seen by hackers, raising the overall total to 610,000.
In response to this hack and the OPM hack the same summer, President Barack Obama ordered a thirty-day cybersecurity sprint to improve the security of government servers, including the use of two-factor authentication, but many experts believe that the security problems facing government servers will require a sustained response. In testimony before Congress, John Koskinen, the IRS commissioner, highlighted the ways the IRS has improved its identity-theft operations by consolidating them into a single unit and adding filters to flag suspicious tax returns, as well as locking the IRS accounts of deceased taxpayers. He also noted the ways that the IRS would be helping the victims of the 2015 data breach. What remains to be seen is how the data breach will impact the 2016 filing season.
Key Figures
John Koskinen: IRS commissioner.
Steven Miller: Former acting IRS commissioner.
Barack Obama: President of the United States since 2009.
Bibliography
Clark, C. S. (2015). IRS chief says he won't blame data breach on budget crunch. Government Executive, 1. Retrieved from http://search.ebscohost.com/login.aspx?direct=true&db=mth&AN=103056425&site=ehost-live&scope=site
Damato, K. (2015, May 27). Five questions about the IRS data breach. Wall Street Journal. Retrieved from http://blogs.wsj.com/briefly/2015/05/27/5-questions-about-the-irs-data-breach/
Meyer, R. (2015, August 19). There are no rules in love and taxes. Atlantic. Retrieved from http://www.theatlantic.com/technology/archive/2015/08/there-are-no-rules-in-love-and-taxes/401765/
Ohlemacher, S. (2015, August 17). IRS: Computer breach bigger than first thought; 334K victims. Business Insider. Retrieved from http://www.businessinsider.com/ap-irs-computer-breach-bigger-than-first-thought-334k-victims-2015-8
Rash, W. (2015). IRS data breach demonstrates the risk of trying to help taxpayers. Eweek, 1. Retrieved from http://search.ebscohost.com/login.aspx?direct=true&db=bah&AN=109350308&site=ehost-live&scope=site