The tax industry partners who make up the Security Summit are urging practitioners to take a page out of the medical books in order to keep their computer systems healthy: to cure an infection, you first have to know your patient is sick.
In other words, tax pros have to know the signs of data theft if they expect to move quickly to protect their clients.
The Security Summit, which is comprised of IRS officials, state tax agency representatives, and tax industry leaders, says time is critical when there’s a question of identity theft surrounding their data systems. That means immediately contacting the IRS if there’s evidence their data has been compromised, and enlisting insurance or cybersecurity experts to help determine the cause and extent of a possible loss.
"There are tell-tale signs of identity theft that tax pros can easily miss," said IRS Commissioner Chuck Rettig. "Identity thieves continue to look for ways to slip into the systems of tax pros to steal data. We urge practitioners to take simple steps and remain on the lookout for signs of data and identity theft. They are a critical first line of defense against identity theft."
Security Summit partners have adopted the theme “Boost Security Immunity: Fight Against Identity Theft,” aimed at urging tax pros to try harder to secure their systems and protect client data. This is reflected by a common comment from tax pros to IRS investigators after data theft: They didn’t immediately recognize the signs they’d been compromised.
What are the signs of possible data theft?
Tax professionals should know the critical signs of data theft:
- Client e-filed returns rejected because client's Social Security number was already used on another return.
- More e-file acknowledgements received than returns the tax pro filed.
- Clients responded to emails the tax pro didn't send.
- Slow or unexpected computer or network responsiveness such as:
- Software or actions take longer to process than usual;
- Computer cursor moves or changes numbers without touching the mouse or keyboard;
- Users unexpectedly locked out of a network or computer.
Sometimes, the signs of data theft come to the tax pro from their clients. These “red flags” may come in the form of IRS Authentication letters (5071C, 4883C or 5747C), even though the client hasn’t filed a return. Other signs are a refund when the client hasn’t filed, or a tax transcript they didn’t request.
More warning signs can include:
- Emails or calls from the tax pro that they didn't initiate.
- A notice that someone created an IRS online account for the taxpayer without their consent.
- A notice the taxpayer wasn't expecting that:
- Someone accessed their IRS online account; or
- The IRS disabled their online account.
There could, of course, be other examples. Data thieves are a relentless and creative lot. This means tax professionals should have the highest security possible and should not hesitate to contact authorities if they suspect or find something that isn’t right.
What should I do if my data is stolen?
There are steps that tax professionals can take if they—or their office—fall victim to a data theft. But speed is critical; these steps should be taken immediately to mitigate further damage.
Report the theft to the local IRS Stakeholder Liaison.
Liaisons notify IRS Criminal Investigation and other agency officials on behalf of the tax pro. The IRS can take steps to block fraudulent returns in the clients’ names and assist the local practitioner through the process. But speed is vital; data theft must be reported quickly.
Email the Federation of Tax Administrators at firstname.lastname@example.org.
This will get the tax pro information on how best to report the facts of the data theft to their particular state. According to the IRS, most states require that the state attorney general should be notified of data breaches and in some states, this could involve multiple state offices.
For more information on reporting a breach, see Data Theft Information for Tax Professionals.
For help with security recommendations, tax professionals can look over IRS Publication 4557, Safeguarding Taxpayer Data, which has been recently updated. Another good source is Small Business Information Security: The Fundamentals from the National Institute of Standards and Technology.
On the IRS website, IRS.gov, their Identity Theft Central pages have additional details targeting tax professionals, businesses and individuals. Also on IRS.gov, Publication 5293, Data Resource Guide for Tax Professionals, has a full set of compiled numbers on data theft.