IRS Officials, Congress Agree That Agency Needs Better Anti-Fraud Measures

Congress was understandably alarmed at the news that cyberbaddies, believed to be criminals based in Russia, were able to gain access to previous years’ return data for 104,000 U.S. taxpayers. The Senate Finance Committee held a hearing today, where the Inspector General of the IRS explained that the agency simply isn’t keeping up with the criminals who want its data.

Filing false tax returns is a potentially lucrative business, since each one requires a modest amount of personal information about the victim in return for a tax refund that can be worth thousands of dollars. While IRS systems flag millions of fraudulent returns every year, the number is increasing dramatically.

This year’s data breach through the transcript system shows that aspiring identity thieves can change up their methods, and the agency needs to stay ahead of them.

“This incident provides a stark reminder that even security controls that may have been adequate in the past can be overcome by hackers, who are anonymous, persistent, and have access to vast amounts of personal data and knowledge,” Treasury Inspector General for tax administration J. Russell George said during his testimony before Congress.

This isn’t really news to the inspector general’s office, though. The IRS hasn’t yet implemented recommendations that George’s office made more than three years ago.

This wasn’t a hack, exactly: the thieves used personal data that they already had for about 200,000 potential victims to gain access to even more information through the transcript system. Fake tax returns that resemble past years’ returns for the same person would be less likely to get flagged for fraud.

IRS Commissioner John Koskinen explained to Congress that budget cuts are the reason why the IRS simply can’t keep up with its enemies, though members of Congress still question whether the IRS is underfunded, or just incompetent and spending money unwisely.

IRS needs to do more to fight cyberattacks, watchdog says [Associated Press]