IRS Electronic Filing PIN Application Attacked by Malware

The IRS Electronic Filing PIN application was attacked by malware this week. The IRS posted the following on their News page:

===============

The IRS recently identified and halted an automated attack upon its Electronic Filing PIN application on IRS.gov. Using personal data stolen elsewhere outside the IRS, identity thieves used malware in an attempt to generate e-File PINs for stolen social security numbers. An e-file PIN is used in some instances to electronically file a tax return.

No personal taxpayer data was compromised or disclosed by IRS systems. The IRS also is taking immediate steps to notify affected taxpayers by mail that their personal information was used in an attempt to access the IRS application. The IRS is also protecting their accounts by marking them to protect against tax-related identity theft.

IRS cybersecurity experts are currently assessing the situation, and the IRS is working closely with other agencies and the Treasury Inspector General for Tax Administration. The IRS also is sharing information with its Security Summit state and industry partners.

Based on our review, we identified  unauthorized attempts involving approximately 464,000 unique SSNs, of which 101,000 SSNs were used to successfully access an e-File PIN.

The incident, involving an automated bot, occurred last month, and the IRS continues to closely monitor the web application.

This incident is not connected or related to last week’s outage of IRS tax processing systems.

===============

We will continue to monitor and update you as more information is released.

IRS, Industry, and State Security Summit and Collaborative Effort to Fight Identity Theft

The IRS joined with representatives of the tax software industry and state tax administrators on June 11, 2015 to announce the new collaborative effort to help protect the nation’s taxpayers from identity theft and tax fraud.

CrossLink has been part of this effort for the past three months and looks forward to being part of the continuing partnership with other tax industry companies, the IRS, and states in the months ahead to help combat the growing impact of identity theft to the federal and state tax systems.

This effort began in March 2015 with the establishment of three teams that focused on developing ways to improve tax return authentication and validation, information sharing between the industry, IRS, and states, and fraud detection and assessment of risks in order to develop strategies in preventing emerging threats.

The members of the IRS Security Summit agreed to several new initiatives in the following areas:

• Taxpayer authentication - Industry and government groups identified numerous new data elements that can be included with the return to help authenticate the taxpayer and detect identity theft fraud.
• Fraud detection - An agreement was made to expand the sharing of fraud leads between industry and government.
• Information assessment - The groups will look at establishing a formalized Refund Fraud Information and Assessment Center to more efficiently share information between the public and private sector to help identify fraud schemes and reduce the risk to taxpayers.
• Cyber-security framework - Industry agreed to align with the IRS and states under the National Institute of Standards and Technology cyber-security framework to promote the protection of the information technology infrastructure.
• Taxpayer awareness and communication - A joint effort between the IRS, states, and industry to increase the effort to inform taxpayers and raise awareness of the importance of protecting taxpayers’ sensitive personal tax and financial data to help prevent identity theft and refund fraud.

To learn more about this new IRS, industry, and state collaborative effort to fight identity theft and protect taxpayers, see the following on the IRS website:

• IRS news release on IRS, Industry, and State Security Summit
• 2015 IRS Security Summit Report
• IRS Security Summit page