The Internal Revenue Service (IRS) revealed Tuesday that the accounts of over 100,000 taxpayers on one of its online systems were illegally accessed by criminals between February and May.
The data thieves accessed a system called "Get Transcript," the Associated Press reports. The system requires an applicant to enter his or her Social Security number, date of birth, tax filing status, and street address, and calls up information from the taxpayer's previous returns.
“The IRS notes this issue does not involve its main computer system that handles tax filing submission; that system remains secure,” an IRS statement declared. The "Get Transcript" service has been temporarily shut down following the cyber attack.
“In all, about 200,000 attempts were made from questionable email domains, with more than 100,000 of those attempts successfully clearing authentication hurdles,” the agency explained. “During this filing season, taxpayers successfully and safely downloaded a total of approximately 23 million transcripts.”
A criminal investigation has been launched to find those responsible.
“"We're confident these are not amateurs. These are actually organized crime syndicates that not only we but everyone in the financial industry are dealing with," IRS head John Koskinen stated at a media conference Tuesday.
Koskinen added that the thieves aimed to use the stolen information to submit fraudulent tax returns next year, according to Reuters.
The cyber attack on the IRS is the latest in a growing number of these incidents, which have also hit financial institutions like JP Morgan and retailers such as Target.
However, Koskinen noted that one major difference this time was that the criminals did not hack into the system. Instead, they had enough information on the individual taxpayers to access their accounts in the usual way.
The IRS has promised to provide free credit monitoring for those affected by the breach, and will start sending out letters to inform the victims. The organization estimates that no more than 15,000 fraudulent refund applications were processed due to the attack, Reuters reports.
Photo Credit: WikiCommons, Ray Tsang/Flickr