Criminals Attack IRS Website, Generate 101,000 E-Filing PINs

The IRS recently announced it had identified and halted an automated attack on its e-filing PIN application. Using personal information stolen elsewhere, thieves used malware to generate e-file PINs for stolen Social Security numbers.

When you attempt to e-file a tax return, the IRS verifies your identity using either the e-file PIN used on last year’s return or your prior year Adjusted Gross Income (AGI). If you don’t have either, you can request a new five-digit PIN from the IRS, either online or by calling 1-866-704-7388.

By generating e-file PINs, criminals can use stolen Social Security numbers to electronically file fraudulent tax returns and steal refunds without needing the taxpayer’s valid prior year PIN or AGI.

In the attack, which occurred in January, hackers used an automated bot in an attempt to obtain e-file PINs corresponding to 464,000 unique Social Security numbers. They successfully generated 101,000 PINs before the IRS blocked the attack.

In order to generate an e-file PIN, the hackers had to have names, Social Security numbers, dates of birth, and complete addresses as they appeared on 2014 returns. The IRS said that the data used by the hackers was not obtained from the IRS, but a May 2015 security breach at the IRS allowed criminals to gain information such as Social Security numbers, dates of birth, and street addresses for over 300,000 taxpayers using the IRS’ Get Transcript application.

The IRS is notifying affected taxpayers via mail and will be monitoring their accounts to prevent tax-related identity theft.

By Janet Berry-Johnson, CPA