The Internal Revenue Service Did Not Identify and Assist All Individuals Potentially Affected by the Get Transcript Application Data Breach
Saturday, August 6th, 2016 @ 5:21PM
CFEG reports that on June 8, 2016 the Treasury Inspector General for Tax Administration (TIGTA) released a report to the public which found that the IRS did not identify and assist all individuals potentially affected by the ‘Get Transcript’ application data breach in May, 2015 and whose tax information was at risk of being used by unauthorized individuals. TIGTA’s analysis of IRS system audit logs between January 1, 2014, and May 21, 2015 identified 620,931 taxpayers whose tax account information involved a potentially unauthorized access not identified by the IRS. TIGTA further found that potentially unauthorized users were successful in obtaining access to 355,262 of the taxpayers’ accounts. TIGTA further found, among other things, that 79,122 individuals whose tax accounts the IRS identified as being involved in an attempted access were not offered an Identity Protection Personal Identification Number (IP PIN) or free credit monitoring.
TIGTA recommended that the IRS issue notification letters to 620,931 taxpayers whose accounts were potentially targeted and place identity theft markers on their accounts. TIGTA further recommended that the IRS ensure that authentication system error codes are analyzed when responding to future data breaches and issue IP PINs to the 79,122 individuals whose personal information was used by unauthorized individuals in attempts to access the ‘Get Transcript’ application. CFEG has provided the full TIGTA report for your review.