Menu
Identity thieves obtain 100,000 electronic filing PINs from IRS system

Identity thieves obtain 100,000 electronic filing PINs from IRS system

The automated attack attempted to obtain E-file PINS for over 460,000 people using previously stolen personal data

The Internal Revenue Service was the target of an attack that used stolen social security numbers and other taxpayer data to obtain PINs that can be used to file tax returns electronically.

The attack occurred in January and targeted an IRS Web application that taxpayers use to obtain their so-called Electronic Filing (E-file) PINs. The app requires taxpayer information such as name, Social Security number, date of birth and full address.

Attackers attempted to obtain E-file PINs corresponding to 464,000 unique SSNs using an automated bot, and did so successfully for 101,000 SSNs before the IRS blocked it.

The personal taxpayer data used during the attack was not obtained from the IRS, but was stolen elsewhere, the agency said in a statement. The IRS is notifying affected taxpayers via mail and will monitor their accounts to protect them from tax-related identity theft.

While the IRS said that externally-acquired taxpayer data was used, the agency did suffer a security breach last year that allowed attackers to gain information such as Social Security information, date of birth and street address for over 300,000 taxpayers.

That attack involved the IRS' "Get Transcript" application and in that case too, the agency said that attackers were able to pass the app's verification steps using information acquired from an external source.

In recent years there have been many data breaches that gave hackers access to personal information, including SSNs. Last year alone, health insurers Anthem, Premera, CareFirst and Excellus announced large data breaches that affected tens of millions of Americans. Another breach at the U.S. Office of Personnel Management exposed personal information on 21.5 million current and former U.S. government employees.

Given the sheer amount of personal data that's now in the hands of cybercriminals, it's likely that some of them will try to monetize it and one possible method is by filing fraudulent tax returns.

Follow Us

Join the New Zealand Reseller News newsletter!

Error: Please check your email address.

Featured

Slideshows

Arrow exclusively introduces Tenable Network Security to A/NZ channel

Arrow exclusively introduces Tenable Network Security to A/NZ channel

Arrow Electronics introduced Tenable Network Security to local resellers in Sydney last week, officially launching the distributor's latest security partnership across Australia and New Zealand. Representing the first direct distribution agreement locally for Tenable specifically, the deal sees Arrow deliver security solutions directly to mid-market and enterprise channel partners on both sides of the Tasman.

Arrow exclusively introduces Tenable Network Security to A/NZ channel
Examining the changing job scene in the Kiwi channel

Examining the changing job scene in the Kiwi channel

Typically, the New Year brings new opportunities for personnel within the Kiwi channel. 2017 started no differently, with a host of appointments, departures and reshuffles across vendor, distributor and reseller businesses. As a result, the job scene across New Zealand has changed - here’s a run down of who is working where in the year ahead…

Examining the changing job scene in the Kiwi channel
​What are the top 10 tech trends for New Zealand in 2017?

​What are the top 10 tech trends for New Zealand in 2017?

Digital Transformation (DX) has been a critical topic for business over the last few years and IDC is now predicting a step change as DX reaches macroeconomic levels. By 2020 a DX economy will emerge and it will become the core of what New Zealand industries focus on. From the board level through to the C-Suite, Kiwi organisations must be prepared to think and act digital when the DX economy emerges in 2017.

​What are the top 10 tech trends for New Zealand in 2017?
Show Comments