Following the Sarbanes Oxley Act more than a decade ago, security and fraud have been two of the cornerstone focuses of the accounting profession. Proper and secure system controls have become a necessity, not only for auditors and tax accountants, but for every profession in business. This may lead one to believe that the IRS, who is very closely related to all of those matters, may have the strongest and most secure system second to no one. That would be an incorrect assumption.
Back in May, the IRS reported that their Get Transcript feature had been breached. At the time, they approximated that 100,000 accounts had been hijacked, leading to identity theft, tax refund fraud, and everything in between. That estimate has now grown to over 300,000. Attempts were originally thought to have begun in February but are now confirmed to have started as early as November of last year.
The hackers used sensitive information such as date of birth, home address, and social security number, gained from outside sources, in order to access individual accounts on the IRS’ website. After these accounts had been breached, past and present tax records opened doors to all sorts of identity theft.
The IRS is now in the process of contacting all parties affected by the breach and will continue to provide free credit monitoring, as they announced in May. A new program is also now being offered which assigns victims identification numbers which will be used to access accounts, rather than using date of birth or street address.
With this more than tripling the victim count on just this matter alone, the IRS, as expected, is working hard to create and strengthen controls in hopes to avoid similar attempted hacks in the future.
By Mark McInnis