IRS Commissioner John Koskinen announced on May 26 that nearly 104,000 taxpayers have become victims of a sophisticated identity theft scheme involving the IRS’s online "Get Transcript" application. The IRS detected the data breach in May after recognizing an unexpectedly high volume of tax transcripts requests. These sophisticated and organized cybercriminals attempted to access information from over 200,000 taxpayers. The IRS has disabled the online application and is taking aggressive steps to warn the affected taxpayers.
Koskinen told reporters "We have detected and determined that there was unauthorized access to our Get Transcript application that ran from February to May. To try to get through to get that transcription, the criminals had to already have stolen Social Security numbers, names, addresses and other personal identifiers available. Then they had to have enough personal information for each taxpayer to get through the so-called personal related questions.”
During the 2015 filing season, there were a total of 23-million successful downloads through the Get Transcript application. The 104,000 taxpayers’ filed actually downloaded by criminals represents a small fraction of total downloads IRS Commissioner Koskinen stated.
Koskinen explained that one the IRS’s highest priorities at the moment is to inform the 200,000 taxpayers whose transcripts were downloaded or an attempt was made to download their information that identity theft criminals have uncovered a large volume of their personal information. In addition to sending letters to these taxpayers, the IRS will provide free credit monitoring services to the 104,000 taxpayers whose accounts were actually accessed. "We greatly regret that this additional information is available to criminals," he said.