3
months ago the IRS (Internal Revenue Service) acknowledged that
hackers used the “get transcript" software to steal personal
data. At the time it was thought that the attack was limited to
114,000 people Since that time it has become apparent that the breach
was more extensive than first thought.
Here
we have a case where a successful authentication-based attack was
discovered in May, and yet the IRS is still unclear of the extent of
the breach’s damage months later. Even now, how confident is the
IRS they fully understand the extent of the attack completely, or
should we expect yet another shoe to drop in the coming weeks?”
said Jeff Hill of STEALTHbits Technologies, a cyber security company.
On
Monday that assessment was upped by 220,000 individuals to 334,000
that could be in danger of having their taxes information
compromised. Just how much of the personal information was
compromised is still not known. The IRS though is going by the
assumption that the damage is severe enough that the hackers could
file fraudulent returns to claim bogus refunds.
In
a statement the agency said, "as part of the IRS's
continued efforts to protect taxpayer data, the IRS conducted a
deeper analysis over a wider time period covering the 2015 filing
season, analyzing more than 23 million uses of the Get Transcript
system."
The
IRS is sending out letters to all of the people that could have been
victims of the attack. The letter will inform them the government
will provide them with a year of identity theft protection. There
will most likely be some steps that the letter recipient will need to
take but that will all be outlined in the letter.
No comments:
Post a Comment