With tax season in full swing, the Internal Revenue Service (IRS) is reporting that there have been illegal attempts to access its systems. According to the IRS website, the federal agency was able to stop an attack on its Electronic Filing Personal Identity Numbers (e-filing PIN) application. The attacks were initiated using out-of-wallet information from a third party tied to stolen Social Security Numbers (SSNs).
An e-filing PIN is used to help taxpayers protect their accounts when filing their tax returns electronically. It’s important to note that an e-filing PIN is not the same as an Identity Protection Personal Identity Number (IP PIN). The latter is a unique six-digit sequence that helps the IRS verify a taxpayer’s identity: when you have an IP PIN, it prevents someone else from filing a tax return with your Social Security Number (SSN), since returns that don’t include the correct IP PIN may be booted back (on paper or e-filing). The e-filing and IP PINs aren’t interchangeable.
There were unauthorized attempts made involving approximately 464,000 unique SSNs. More than 100,000 of those SSNs were used to successfully access an E-file PIN. The IRS will be notifying those affected taxpayers and will mark those accounts to protect against potential tax-related identity theft.
According to the IRS, no personal taxpayer data was compromised or disclosed. Additionally, it’s worth noting that identity thieves cannot generally file a tax return with your SSN and e-filing PIN.
The IRS stresses that this attack is not connected with last week’s hardware failure. That failure affected several parts of the site, resulting in limited site utility for taxpayers and tax professionals; the site was restored the next day.
Here’s the full IRS statement:
The IRS recently identified and halted an automated attack upon its Electronic Filing PIN application on IRS.gov. Using personal data stolen elsewhere outside the IRS, identity thieves used malware in an attempt to generate E-file PINs for stolen social security numbers. An E-file PIN is used in some instances to electronically file a tax return.
No personal taxpayer data was compromised or disclosed by IRS systems. The IRS also is taking immediate steps to notify affected taxpayers by mail that their personal information was used in an attempt to access the IRS application. The IRS is also protecting their accounts by marking them to protect against tax-related identity theft.
IRS cybersecurity experts are currently assessing the situation, and the IRS is working closely with other agencies and the Treasury Inspector General for Tax Administration. The IRS also is sharing information with its Security Summit state and industry partners.
Based on our review, we identified unauthorized attempts involving approximately 464,000 unique SSNs, of which 101,000 SSNs were used to successfully access an E-file PIN.
The incident, involving an automated bot, occurred last month, and the IRS continues to closely monitor the web application.
This incident is not connected or related to last week’s outage of IRS tax processing systems.