WASHINGTON — IRS investigators think the thieves who stole the personal tax information of more than 100,000 taxpayers from an IRS website are part of a sophisticated criminal operation based in Russia, two officials said.
The information was stolen as part of an elaborate scheme to claim fraudulent tax refunds, IRS said Commissioner John Koskinen, who declined to say where the crime originated.
But two officials briefed on the matter said on Wednesday that the IRS thinks the criminals were in Russia, based on computer data about who accessed the information.
An IRS spokeswoman said on Wednesday that the agency couldn’t comment on the investigation.
If true, it’s not the first time the IRS has been targeted by identity thieves based overseas.
In 2012, the IRS sent a total of 655 tax refunds to a single address in Lithuania, and 343 refunds went to a lone address in Shanghai, according to a report by the agency’s inspector general. The IRS has since added safeguards to prevent similar schemes, but the criminals are adapting.
The information was taken from an IRS website called “Get Transcript,” where taxpayers can get tax returns and other tax filings from previous years. In order to access the information, the thieves cleared a security screen that required detailed knowledge about each taxpayer, including their Social Security number, date of birth, tax filing status and street address.
The IRS thinks the criminals originally obtained this information from other sources. They were accessing the IRS website to get even more information about the taxpayers, which would help them claim fraudulent refunds in the future, Koskinen said.
The thieves already have used some of the information to claim as much as $50 million in fraudulent refunds, Koskinen said.
The IRS thinks the thieves started targeting the website in February. Technicians discovered the breach about two weeks ago, when they noticed an increase in the number of taxpayers seeking transcripts. The website was shut down last week.
The IRS said it is notifying taxpayers whose information was accessed and providing them with credit-monitoring services.
View the original content and more from this author here: http://ift.tt/1eA6LV0
from cyber security caucus http://ift.tt/1eA6LV1
via IFTTT
No comments:
Post a Comment