Just six weeks after Tax Day, the Internal Revenue Service has reported a security breach of over 100,000 taxpayers’ personal information.
According to the Associated Press, the theft occurred after organized crime syndicates (allegedly from Russia) obtained access in February to an IRS database called Get Transcript. That system contains information from taxpayers’ filings from previous years, which thieves can use to steal taxpayers’ identities or file fraudulent returns to obtain refunds. The IRS claims its primary computer systems remain secure, but admitted that the hackers would have needed information including Social Security numbers and addresses to gain access to Get Transcript in the first place.
The news is disturbing, though sadly, not shocking. Tax-related identity theft has continually plagued the IRS in recent years. Last month, NTU Foundation’s Demian Brady detailed just how sharply the frequency of these cases has risen: in 2013, the IRS reported that 2.4 million taxpayers were affected by identity theft, up from 47,000 just five years earlier.
The growing complexity of the U.S. tax code means these trends are likely to continue, and will be difficult to resolve. In January 2015, the Government Accountability Office found that the IRS had issued over $5.8 billion in fraudulent tax refunds in filing year 2013 alone. Taxpayers unfortunate enough to be victimized had to wait 312 days on average in order to have their cases straightened out by the IRS.