IRS computers hacked, taxpayer info stolen

Good day all. Last week news came out that the Infernal Revenue Service had been hacked and that the tax information of 100K people had been stolen.

This is a very frightening, if not unexpected, state of affairs. We’ve seen just how inept computer security has been in the government since the botched rollout of Obamacare’s web portal. Now the IRS has been hit even though they should have been ready for it. Here are some of the details from ABC News:

Sophisticated criminals used an online service run by the IRS to access personal tax information from more than 100,000 taxpayers, part of an elaborate scheme to steal identities and claim fraudulent tax refunds, the IRS said Tuesday, (May 26).

The thieves accessed a system called “Get Transcript,” where taxpayers can get tax returns and other filings from previous years. In order to access the information, the thieves cleared a security screen that required knowledge about the taxpayer, including Social Security number, date of birth, tax filing status and street address, the IRS said.

“We’re confident that these are not amateurs,” said IRS Commissioner John Koskinen. “These actually are organized crime syndicates that not only we but everybody in the financial industry are dealing with.”

Yeah, the amateurs are working in the IRS Information Technology department, probably in a management roll.

Koskinen wouldn’t say whether investigators believe the criminals are based overseas — or where they obtained enough personal information about the taxpayers to access their returns. The IRS has launched a criminal investigation. The agency’s inspector general is also investigating.

That means it did come in from overseas, they got everything and was probably another state sponsored attack on the American network infrastructure. (As of this post, it looks like the Russians) Needless to say, Congress is now getting into the act. (They are worried it was their tax returns that were stolen no doubt)

“That the IRS — home to highly sensitive information on every single American and every single company doing business here at home — was vulnerable to this attack is simply unacceptable,” said Sen. Orrin Hatch, R-Utah, chairman of the Senate Finance Committee. “What’s more, this agency has been repeatedly warned by top government watchdogs that its data security systems are inadequate against the growing threat of international hackers and data thieves.”

Where the Hell have you been Hatch? The IRS has been very busy protecting their systems from threats. Just ask Darrell Issa how hard it’s been to get into their systems.

Koskinen said the agency was alerted to the thieves when technicians noticed an increase in the number of taxpayers seeking transcripts. The IRS said they targeted the system from February to mid-May. The service has been temporarily shut down.

And there, in the distance, is a horse’s ass. Behind me a barn door now being locked.

“In all, about 200,000 attempts were made from questionable email domains, with more than 100,000 of those attempts successfully clearing authentication hurdles,” the agency said. “During this filing season, taxpayers successfully and safely downloaded a total of approximately 23 million transcripts.”

The agency is still determining how many fraudulent tax refunds were claimed this year using information from the stolen transcripts. Koskinen provided a preliminary estimate, saying less than $50 million was successfully claimed.

If they put the same crew on it that was supposed to find Lois Lerner’s email, we’ll never find out how much was stolen.

The IRS said it is notifying taxpayers whose information was accessed.

Really? That’s a first. Usually they just refuse to tell anyone their information was stolen. It might violate the criminal’s privacy after all. At least they used to until Senator Kelly Ayotte, (R-NH) wrote a letter. According to the Manchester Union Leader:

If identity thieves went on a spending spree with your credit card numbers, the credit card companies would alert you to the suspicious activity. But if identity thieves filed a fraudulent tax return in your name and got a refund, you would have no idea. The IRS has refused to inform the victims of fraudulent tax filings.

That changed last week thanks to U.S. Sen. Kelly Ayotte. According to Sen. Ayotte’s office, this newspaper’s coverage of fraudulent tax filings prompted the senator to write the IRS to request a change in its policies. Last week Ayotte received a response from IRS Commissioner John Koskinen.

“As a result of your letter, we have decided to change our policy regarding disclosure of fraudulent identity theft returns to the victims whose names and SSN the fraudulent return was filed under,” he wrote.

And the reasoning the IRS used for not telling people their identity had been stolen?

Not only has the IRS failed to notify victims, but the agency refused even to release copies of fraudulent returns once victims discovered their identities had been used to obtain tax refunds. One excuse for not releasing copies was that multiple Social Security numbers could be on a single return, so releasing it could compromise someone else’s identity.

Ayotte responded that the IRS could simply redact the returns where necessary. Koskinen’s May 28 letter says the IRS will do exactly that. Because of Ayotte’s prodding, fraudulent returns will be made available to victims and victims will be notified if false returns are filed in their name.

I am shocked that a single letter to the Infernal Revenue Service got them to do something they should have been doing all along. Their normal pattern is to deny, lie, and ignore. I have many issues with Kelly Ayotte, but once in a while, the Rino will remember that she is from New Hampshire and that we actually expect our representatives to do things like this.

Thatisall

~The Angry Webmaster~

[yasr_visitor_votes size=”medium”]