An IRS data breach caused more than 100,000 official records to be leaked through the IRS website, officials announced on Tuesday. By using the IRS’s “Get Transcript” service and using data collected from other sources, thieves were able to gather the account information of hundreds of thousands of taxpayers and file fraudulent tax returns.
After this unpardonable mistake, the IRS landed in a criticism firestorm as journalists and opinion-formers all shared their views on this issue. Granted, security breaches may be tolerable when they happen to retailers (for instance, the breach at Target). However, this IRS mishap resulted in a widespread distrust in both government and tax collection institutions.
In all honesty, the IRS does hold sensitive information about taxpayers and such data should be guarded by walls after walls of encryption and protection.
Official information revealed that two distinct breaches occurred in February and May, originating from Russian servers. Using information gathered from other sources, thieves attempted to access just shy of 250,000 records. Sadly, they succeeded in obtaining half of those.
Taxpayers often report IRS tax return rejections due to the fact that they allegedly already filed their returns. And while, according to IRS instructions, such situations should be treated as identity thefts, they may just be the result of the thieves having illicitly obtained the information from IRS servers.
The issue is a particularly sensitive one. Of course, the Pentagon and other nation defense forces should be the ones with the most sophisticated protection cyber protections. But the IRS should come as a very close runner-up, and evidence is building up that the institution hasn’t been properly addressing security issues for some time.
A 2011 incident when a different security breach resulted in $5.2 billion stolen. Another incident in took place in 2012 when over 1.2 million taxpayers had their identities stolen and yet another in 2013(1.6 million), it’s clear that the IRS has a problem- and a big one at that.
But while the public demands answers, IRS only responds with indifference.
“Tax returns with false income and withholding is significantly larger than what the IRS detects and prevents,” the agency casually said in a report.
Overall, more than $2.1 billion were paid for alleged phony tax returns in 2012 alone, and though the number decreased from 2010’s massive $3.1 billion figure, the situation is certainly not ideal. After all, this is all taxpayer money.
Deceased Americans filing for tax returns, for instance, is just one of the many paradoxes at the IRS. Children under the age of 14 filing similar returns is another. They accounted for $22.2 million respectively $1.5 million in returns.
Social Security numbers are used multiple times in different tax return forms and a whopping $162 million were paid to identity thieves who had filed a legitimate taxpayer’s returns before he got a chance to.
Officials with the IRS claimed that security measures had been improved both in 2013 and 2014, though it seems that the improvements failed to actually improve security.
Whether the IRS will continue to remain unapologetic in the face of a new cyber breach following a long succession of data breaches remains to be revealed.
Image Source: Politico