IRS Suspects Russian Identity Thieves In Data Breach

You may remember that the Internal Revenue Service announced late yesterday that about 100,000 taxpayers’ personal information was breached when thieves armed with their personal information were able to log in to the IRS transcript system and extract even more sensitive information about their victims. Today, we learned that the IRS suspects that an organized group of hackers out of Russia are responsible for the 200,000 attempts to extract taxpayer data.

The Associated Press is reporting this based on information from IRS officials who aren’t authorized to talk to the media on the record, but who are familiar with the investigation. The thieves already had to have some information about the planned victims, since they needed personal data such as name, street address, and Social Security number to request the transcripts.

After that, in order to generate a transcript, a person using the site would have to take a multiple-choice quiz of facts “known only to you,” as the IRS put it on the Web site. The problem: security blogger Brian Krebs reports that this information actually came from Equifax credit reports. You’ve probably run into quizzes like this during financial transactions or when requesting a credit report: “Which of these streets have you not lived on?” or “Which of these banks holds your mortgage?” Any enterprising identity thief can get hold of that information.

There is a lot of money in tax return fraud, which explains its appeal to professional criminals. “These actually are organized crime syndicates that not only we but everybody in the financial industry are dealing with,” explained IRS commissioner John Koskinen in a press conference today.

The goal of these criminals is to get hold of your tax refund before you do. Nationwide, fraudsters steal $6 billion in tax refunds from state and federal tax returns. The chair of the Utah State Tax Commission explained to Brian Krebs that fraudsters hit that state’s system, and apparently had copies of previous years’ tax returns to pull data from.

AP sources: IRS believes identity thieves from Russia [Associated Press]
IRS: Crooks Stole Data on 100K Taxpayers Via ‘Get Transcript’ Feature [Krebs on Security]

Want more consumer news? Visit our parent organization, Consumer Reports, for the latest on scams, recalls, and other consumer issues.