Major Security Breach at IRS, Everyone’s Favorite Government Agency

Posted by:

Amazingly, but maybe not surprisingly, the Internal Revenue Service computer systems were hacked and about 100,000 tax payer accounts were breached.

You would think that the agency taking a nice chunk of our earned income would be able to protect our information from security breach. Not so: It appears that even the IRS cannot prevent hackers from sneaking into their systems and yanking about 100,000 taxpayers’ information from their accounts.

The agency determined that the IRS hack started in early February 2015. The hackers were simply able to obtain information about taxpayers through online searches, and then use the info to answer personal ID verification questions in the IRS’s online “Get Transcript” application. After answering a taxpayer’s security questions correctly, the application would open the floodgates of the taxpayer’s information to the hackers.

This government security breach happened through a security hole in the IRS’s “Get Transcript” application. This information stolen included names, addresses, dates of birth and social security numbers; the winning combination to unlock many doorways to financial fraud.

Over 100,000 taxpayers affected in IRS hack

What’s the IRS Get Transcript application?

This application allows a taxpayer to view their tax account transactions, their line-by-line tax return information, and their wage and income reported to the IRS for any specific tax year. Just last year, twenty three million taxpayers used the application to securely obtain their information.

Guessing 100,000 taxpayers security questions takes a lot of time and effort. The hackers in charge hired dozens of people to conduct searches, and then submitted quarries from over 200,000 email addresses to guess answers to the taxpayer’s security questions on the IRS web site. The complex hack was carefully planned and took over four months.

Most likely, the hacked information has been sold on the online black market to identity thieves.  The IRS has informed the 100,000 taxpayers and has offered free credit monitoring service to them at no charge.

The breach was discovered about a week ago when IRS staff noticed some strange activity. While the IRS’s main computer system was not compromised, evidence suggests that the hackers may also have created fraudulent refunds.

The IRS security folks has launched a full investigation and has temporarily deactivated the “Get Transcript” application. Any taxpayer that needs a copy of their tax return can apply online and have a one mailed to them while the system is offline.

To request your transcript, click here:;jsessionid=k7J7P6BgpwrLZQzXWlllb4S7


About the Author:

Online Security Expert Todd Laff reviews online hacks and security issues and how to protect yourself and secure your network.

Add a Comment