Latest Attempt to Bilk IRS Out of $50 Million Offers Chilling Example of How Stolen Data Can Be Used for Widespread Fraud

To call the recent cyber attack on the Internal Revenue Service a hacking incident is almost a stretch.

As more information comes out on the recent incident, first reported around the end of May, the more officials appear troubled, because the thieves actually didn't try to hide their presence in the computer system at all.

Get LifeLock protection now.

They walked right in through the virtual front door.

As CNN reports, criminals logged on to the IRS website just like any other visitor, and filed to receive tax returns that would net around $50 million in refunds.

The problem? The thieves - who authorities say hail from Russia - stole the returns of thousands of Americans using personal data stolen elsewhere.

This incident offers a chilling example of just what thieves can do with your personal data when they steal it from your discarded mail, credit card accounts, or wherever they manage to obtain it.

This latest incident also reinforces the fact that the IRS has continued to experience data security problems for the past several years.

"Computer security has been problematic for the IRS since 1997," said the agency's independent watchdog in a recent report.

CNN reports that between the months of February and May alone, several attacks were launched against the IRS' systems, targeting the personal data of roughly 200,000 Americans, including their Social Security numbers.

The IRS is not alone, though. John Koskinen, IRS commissioner, told the New York Times and ABC News that virtually every financial agency in existence is facing sophisticated cyber thieves such as these.

As ABC points out, thieves sadly don't need much to be able to access IRS accounts and the like online. It appears all the Russians needed to access the 100,000 American tax returns was the person's name, address and Social Security number, and perhaps one personal fact that could easily be found through a social media search, such as, "What was your high school mascot?"

The Deep Web also includes countless sites on which hackers sell the personally identifiable information they have stolen through past successful hacks. Ever wonder what happens to all the data stolen in recent high-profile breaches like Target and Sally Beauty Supply? That's one likely place it ends up. Criminals can purchase that information from hackers on the Deep Web and use it in attacks such as that levied on the IRS.

The latest IRS incident also brings to light just how many times recently that foreign hackers have attacked the United States' most sensitive government computer networks. Russian hackers are also believed to be responsible for attacks on the White House and State Department in the past few months. Chinese hackers are believed to be behind recent attacks on the federal government's Office of Personnel Management, and major health insurer Anthem. North Korean hackers were allegedly behind the massive breach of Sony Pictures' email archives.

"It's a problem, no matter where it's coming from," Rep. Peter Roskam told CNN last week. "It surely doesn't help matters though that [the IRS breach is] coming from Russia, for all the obvious geopolitical reasons."

CNN reports that Republican Senate Finance Committee Chairman Orrin Hatch has plans to bring IRS Commissioner Koskinen before Congress for questioning about the incident, while authorities continue to investigate. Meanwhile, the thousands of Americans believed to be affected by the recent cyber attack are being notified and offered credit monitoring services.

4 Million Members and Counting


"I almost lost my job because someone used my driver’s license and received 8 violations."
- Casey S.


"All of my personal information, even my social security card, was taken."- Jamie A.

It only takes minutes to sign up.

Start Your Membership