Deep Analysis of "Get Transcript" Incident Finds 220,000 Additional Breaches
Yesterday, the IRS issued a press release detailing new findings related to the "Get Transcript" data breach that was reported in May. The investigation following the initial discovery of the incident targeted the entire 2015 filing season, finding an additional 220,000 potentially compromised taxpayer accounts and another 170,000 accounts exhibiting suspicious activity.
The agency will begin sending letters to all of the roughly 390,000 affected taxpayers, informing them of the type of suspected activity, what they can do to address the problem, and offer services to help secure their information.
Addressing security concerns directly, the IRS says that they "[take] the security of taxpayer data extremely seriously," citing a plan to implement "taxpayer-identity authentication protocols" to prevent similar hacks in the future. The "Get Transcript" service remains offline while the IRS works to improve security.
The Treasury Inspector General for Tax Administration (TIGTA) is continuing to investigate the hack. Preliminary information seems to indicate that the criminals likely collected "this information ... for potentially filing fraudulent tax returns during the upcoming 2016 filing season," which means that victims should take steps to safeguard their information if they receive a letter and cannot account for the described activity.
Source: Internal Revenue Service