Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Cybercrime

Many Equifax Hack Victims Had Info Stolen Prior to Breach: IRS

The U.S. Internal Revenue Service (IRS) believes the recent Equifax breach will not make a significant difference in terms of tax fraud considering that many victims already had their personal information stolen prior to the incident.

The U.S. Internal Revenue Service (IRS) believes the recent Equifax breach will not make a significant difference in terms of tax fraud considering that many victims already had their personal information stolen prior to the incident.

IRS Commissioner John Koskinen told the press on Tuesday that 100 million Americans have had their personally identifiable information (PII) stolen by hackers, according to The Hill. He also advised consumers to assume that their data has already been compromised and act accordingly.

The Equifax breach, which affected more than 145 million individuals, allowed cybercriminals to access social security numbers, dates of birth and other information. Despite this being one of the largest data breaches in history, Koskinen said it likely “won’t make any significantly or noticeable difference.”

In prepared remarks, Koskinen said the IRS stopped 883,000 attempts to file tax returns using stolen information in 2016, which represents a 37% drop compared to the previous year. Another 30% decrease in fraud attempts was observed this year, when 443,000 instances were discovered throughout August.

Koskinen also pointed out that the number of identity theft victims, based on reports received by the IRS, dropped by 46% in 2016 to 376,000. Another significant decrease in the number of identity theft reports was recorded this year.

“We know cybercriminals are planning for the 2018 tax season just as we are. They are stockpiling the names and SSNs they have collected. They try to leverage that data to gather even more personal information. This coming filing season, more than ever, we all need to work more diligently and work together to combat this common enemy,” the commissioner said.

The IRS has been working on strengthening the security of its systems. In the past year, the agency was forced to suspend several of its online services due to security concerns, including the Identity Protection PIN tool, the Get Transcript service, and the Data Retrieval Tool for Federal Student Aid applications. The Get Transcript service was abused by fraudsters to access the online accounts of more than 700,000 taxpayers.

Related: Seagate Employee Tax Forms Stolen in Phishing Attack

Advertisement. Scroll to continue reading.

Related: Fraudsters Who Abused IRS “Get Transcript” Service Plead Guilty

Related: UK Audit Office Says More Effort Needed to Combat Online Fraud

Written By

Eduard Kovacs (@EduardKovacs) is a managing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join the session as we discuss the challenges and best practices for cybersecurity leaders managing cloud identities.

Register

The AI Risk Summit brings together security and risk management executives, AI researchers, policy makers, software developers and influential business and government stakeholders.

Register

People on the Move

Data security startup Reco adds Merritt Baer as CISO

Chris Pashley has been named CISO at Advanced Research Projects Agency for Health (ARPA-H).

Satellite cybersecurity company SpiderOak has named Kip Gering as its new Chief Revenue Officer.

More People On The Move

Expert Insights