Security Experts:

Connect with us

Hi, what are you looking for?


Fraud & Identity Theft

IRS “Get Transcript” Incident Hit Over 700,000 Taxpayers

The Internal Revenue Service (IRS) reported on Friday that the total number of taxpayers affected by the incident involving the agency’s Get Transcript application is much higher than previously reported.

The Internal Revenue Service (IRS) reported on Friday that the total number of taxpayers affected by the incident involving the agency’s Get Transcript application is much higher than previously reported.

The Get Transcript system was launched in January 2014 on to allow users to view and download their tax transcripts, or have them mailed to their address. Users can no longer view and download their transcripts since May 2015, after the IRS discovered that the service had been abused by fraudsters.

The IRS revealed in May 2015 that cybercrooks had used information obtained from other sources to access the Get Transcript accounts of roughly 114,000 taxpayers. In August, the agency reported discovering that there had been an additional 220,000 victims.

In a statement published on Friday, the IRS said it discovered that the accounts of an additional 390,000 people might have been accessed between the launch of the service and until it was shut down. This brings the total number of affected accounts to 724,000.

The agency also revealed that it detected a total of 570,000 failed attempts to abuse the Get Transcript service. The new details come as a result of a nine-month investigation conducted by the Treasury Inspector General for Tax Administration.

As security blogger Brian Krebs pointed out, fraudster could gain access to Get Transcript accounts by knowing the targeted individual’s name, date of birth, social security number and filing status, along with answers to some knowledge-based authentication (KBA) questions from credit bureau Equifax, such as previous address and loan amounts.

The name, date of birth and SSN of victims could have been obtained by the cybercrooks from various sources — this type of information is often exposed in data breaches. Furthermore, the answers to KBA questions can either be guessed or obtained from various free online services.

Get Transcript was not the only IRS service abused by fraudsters using information stolen from other sources. Earlier this month, the agency informed taxpayers that identity thieves had targeted the Electronic Filing PIN application in an effort to generate PINs for stolen SSNs. The IRS said it detected unauthorized attempts using roughly 464,000 unique SSNs, 101,000 of which were successful in generating PINs that can be used to file tax returns online.

The U.S. Federal Trade Commission (FTC) reported in January that the number of identity theft complaints received by the agency in 2015 was more than 490,000, a considerable increase compared to the 332,000 complaints in the previous year.

Related: DoJ Investigating Leak of FBI, DHS Employee Details

Written By

Eduard Kovacs (@EduardKovacs) is a contributing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Expert Insights

Related Content


A digital ad fraud scheme dubbed "VastFlux" spoofed over 1,700 apps and peaked at 12 billion ad requests per day before being shut down.

Application Security

Virtualization technology giant VMware on Tuesday shipped urgent updates to fix a trio of security problems in multiple software products, including a virtual machine...

Application Security

Fortinet on Monday issued an emergency patch to cover a severe vulnerability in its FortiOS SSL-VPN product, warning that hackers have already exploited the...

Application Security

Password management firm LastPass says the hackers behind an August data breach stole a massive stash of customer data, including password vault data that...


Pig Butchering, also known as Sha Zhu Pan and CryptoRom, is an ugly name for an ugly scam.

Application Security

Software maker Adobe has rolled out its first batch of security patches for 2023 with fixes for at least 29 security vulnerabilities in a...

Application Security

Software maker Adobe on Tuesday released security patches for 29 documented vulnerabilities across multiple enterprise-facing products and warned that hackers could exploit these bugs...

Application Security

Video messaging giant Zoom has released patches for multiple security vulnerabilities that expose both Windows and macOS users to malicious hacker attacks.The vulnerabilities, in...