IRS Finds ‘Get Transcript’ Data Breach Was More Widespread

The Internal Revenue Service said Friday that an investigation into last year’s data breach in the online Get Transcript application revealed it affected hundreds of thousands more taxpayers than originally believed.

Last May, the IRS revealed that identity thieves had used the online application to access the tax returns of 104,000 taxpayers (see IRS Detects Massive Data Breach in ‘Get Transcript’ Application). Organized criminals used taxpayer-specific data that they acquired from non-IRS sources, including Social Security information, birth dates and street addresses. In August, the IRS admitted that another 220,000 taxpayers had been affected (see Extra 220,000 Hit by IRS ‘Get Transcript’ Breach).

On Friday, the IRS said a nine-month investigation by the Treasury Inspector General for Tax Administration found potential access of approximately 390,000 additional taxpayer accounts during the period from January 2014, when the application was launched, through May 2015, when the breach was detected. In addition, 295,000 taxpayer transcripts were targeted but access was not successful. All taxpayers are being notified and they are being offered Identity Protection PINs.

“This expanded review has identified additional suspicious attempts to access taxpayer accounts using sensitive information already in the hands of criminals,” said the IRS. “The IRS is moving immediately to notify and help protect these taxpayers, including through free identity theft protection services as well as Identity Protection PINs.”

Tell Congress: Pass the Fair Tax Act of 2015! Sign the petition.