IRS Says Thieves Stole Tax Info From 100,000

[JRS]

http://www.newsmax.com/Newsfront/irs-breach-accounts-hacked/2015/05/26/id/646831/

Edited May 26, 2015 by JRS

[Elrod]

"The IRS said it is notifying taxpayers whose information was accessed."

See.....Ya don't even need E&O insurance.

[Jack from Ohio]

Notice the hack attacks are for organizations with tens or hundreds of thousands of people's information.  It is time consuming and difficult to hack these systems.  They are not going to attack my business with 250 clients, or even the firm where I work with 3,000 clients.  Too much work with small rewards for the hackers.

Hackers pick low hanging fruit.

[SaraEA]

According to the article, the thieves hacked the IRS transcript system.  They already had the taxpayers' names, birthdates, SS #s, and addresses, which is all they needed to get in.  So all they got that they didn't have before was tax return transcripts.  And what are they going to do with those?  All I can think of is present them to banks and take out big loans in the victims' names.

Note that the personal data they used to access the system was exactly what was stolen in the massive Anthem breach.  I wonder just how many people who ever had Anthem Blue Cross/Blue Shield signed up for free credit monitoring. Doing so will at least prevent the bank loans.  I wonder what other disasters these poor folks have in store for them in the future.

Also note that in the "old days" (last year), the only people who could get transcripts instantly were tax pros who had POAs and had been vetted to use eservices.  Taxpayers could request them online or by phone but had to wait a few weeks for them to arrive by snail mail.  Now the parties are reversed.  CPAs, EAs, and attorneys can no longer get transcripts through eservices, only taxpayers can.  Someone high up in the IRS had to distrust tax pros enough to push for that change (the initials KH come to mind). I couldn't believe there was that much of a problem with credentialed preparers gaining unauthorized access to a taxpayer's records--we had to present a POA, PTIN, license number, CAF--lots of safeguards there.  Now we are locked out.  Anyone with stolen Anthem data is allowed in.  What is wrong with this picture?

[Jack from Ohio]

I do not understand how they got around the "identity questions" you must navigate to get access??  If you think it is easy, go to the site (when it is put back online) and try to get your own transcripts.

[Max W]

SaraEA says "CPAs, EAs, and attorneys can no longer get transcripts through eservices, only taxpayers can."

Wha? I get transcripts through e-services every day!

[Lee B]

If you read the various articles, the thieves obtained people's SSNs, birthdates etc from other sources.

Then using that information, they by impersonating individuals,  obtained tax return transcripts.

I think it is a very important distinction.  IRS eservices was not hacked !

[Lee B]

For a balanced perspective on this story, here is NAEA's position:

 

IRS in an announcement late yesterday stated "criminals used taxpayer-specific data acquired from non-IRS sources to gain unauthorized access to information on approximately 100,000 tax accounts through IRS' 'Get Transcript' application. This data included Social Security information, date of birth and street address."

 

We believe it is important for our members to understand the issue at hand here. In the first place, IRS was not "hacked." More to the point, criminals did not break into IRS databases and steal 100,000 accounts. The criminals had the keys, obtained elsewhere--they came in the front door and fraudulently posed as taxpayers. While your clients may not be particularly interested in this fine distinction, we believe the distinction is one worth making, both to your staff members and to your clients.

 

Members may have already heard of the breach either through the media or social networks (we posted to NAEA's Facebook page last evening), but we wanted to make sure that all NAEA members were aware of the issue--and that IRS had shut down the "Get Transcript" application.

 

Please take a minute or two to read IRS' announcement, which provides quite a bit of useful information, including details on what the agency believes happened, how many taxpayers are affected, and what the agency is doing in response (including an offer of free credit monitoring).

 

In our conversations with well-placed current and former IRS officials, we gleaned a few other items for your consideration:

 

• IRS has not yet sent the letters to the taxpayers whose data has been compromised. Those letters should be going out shortly--perhaps by the end of the week, though frankly we don't have a high level of confidence on this-and we expect to receive a copy, which we plan to share with our members.
• We do not know how long the "Get Transcript" function will be shut down. Our guess is that it may be a very long time before IRS reopens it.
• IRS plans to post FAQs (Frequently Asked Questions) to its website--perhaps today

[Abby Normal]

CPAs, EAs, and attorneys can no longer get transcripts through eservices,

​Not true! I just got one today. We can't get POA online. We have to fax and wait a week or so.

[joanmcq]

The info used in the get transcript system is probably from credit reports.  When I tried the system to get my own, it asked about old addresses, what company I had a mortgage with in 2002, stuff like that. Some of it I actually had to look up.  The answers to some of the questions (all are multiple choice)was 'none of these' which was an option for all of the questions.  So my thought is that the ID thieves had credit reports. The anthem database wouldn't have the info necessary to get through the ID verify.

its telling also that they were able to get into accounts about 50% of the time.  And what could they get?  All of your wage & income data, and prior years AGI, plus your spouse's SSN & name. stuff that is very helpful in filing fake tax returns.

[Lion EA]

Our NY/CT-ATP meeting this month was on Cyber Breach.  Our speaker was a CPA with a small firm, two offices, maybe 1,000 returns but 800 individual returns.  His firm was the first in CT to be breached.  Hacker extradited from Bulgaria and in a NJ federal prison.  More arrests are expected in Bulgaria and our tri-state area.  But, this began in 2011-12.  Hacker got in and spent about five months cracking his password.  Then made a backup of his tax returns.  2013 tax season was his worst nightmare with about 40% of his clients having fraudulent returns filed; 2014 only half as bad; 2015 down to single digits for fraudulent returns.  He suggests at least $250,000 in cyber breach insurance.  He said (after working with the FBI, Secret Service, Homeland Security, and probably more) that the hackers don't know how big you are or what you might have of value; they just look to get in.  Then they can take their time looking around your data to see what they can use.  (I'm saying this from memory, but his IRS webinar is archived, so you can hear it from the horse's mouth.)

[SaraEA]

Anyone know if taxpayer's bank account and routing numbers are part of the transcripts?  Lots of clients use direct deposit or direct debit.  And thanks for reminding me we can get transcripts through eservices--just have to fax the 2848 and wait until it gets into the system.  For the past year we've been asking clients to get their own transcripts because it's faster.

[Jack from Ohio]

Anyone know if taxpayer's bank account and routing numbers are part of the transcripts?  Lots of clients use direct deposit or direct debit.  And thanks for reminding me we can get transcripts through eservices--just have to fax the 2848 and wait until it gets into the system.  For the past year we've been asking clients to get their own transcripts because it's faster.

​No.  Bank information is not in the transcript.