IRS: Cyber-thieves stole up to $39M

Kevin McCoy
USA TODAY
An IRS 2013 1040-ES estimated tax form at an H&R Block tax preparation office in the Echo Park district of Los Angeles, in a 2014 photo.

Cyber-thieves responsible for a large IRS data breach stole as much as $39 million by filing fraudulent tax refunds after gaining access to taxpayer information, the head of the nation's tax agency told Congress Tuesday.

IRS Commissioner John Koskinen provided the updated damage estimate on the embarrassing data breach initially made public last week and said federal tax officials are working with private tax-preparation firms in an effort to strengthen U.S. tax system security.

However, the federal inspector general who oversees the IRS predicted the agency could face additional computer attacks as preliminary investigation results show the cyber-thieves were part of an effort operated from Internet domains in Russia and other countries.

"For now, our biggest concern is for the affected taxpayers, to make sure they are protected against fraud in the future," Koskinen told the U.S. Senate Committee on Finance, saying tax officials are contacting those affected and helping them secure their personal data.

"Commissioner Koskinen, put simply, your agency has failed these taxpayers," said Sen. Orrin Hatch, R-Utah, who chairs the Senate panel and called the hearing seeking more information about a data breach that has renewed questions about IRS computer security.

Koskinen confirmed that cyber-thieves made approximately 200,000 attempts to get taxpayer data via the IRS "get transcript" application — an interactive program that enables legitimate taxpayers to access copies of their own federal tax returns from previous years.

Roughly half of an estimated 200,000 "get transcript" attempts cyber-thieves launched between mid-February and mid-May succeeded in gaining illegal access to taxpayer data, said Koskinen. The suspects did not attempt to gain access to the main IRS computer system that handles tax filings, he said.

An IRS investigation showed that approximately 35,000 of the taxpayers whose data was stolen had already filed their 2014 federal tax returns, and were not immediately affected, said Koskinen.

There was no record for any 2015 tax filing for an additional 33,000 taxpayers, said Koskinen. Investigators theorize the cyber-thieves may have stockpiled the stolen data with the aim of filing fraudulent tax returns in future years, he said.

IRS electronic fraud programs blocked the criminal efforts to file an estimated 23,500 returns. But the cyber-thieves succeeded in obtaining refunds for up to $39 million by filing approximately 13,000 fraudulent returns using stolen taxpayer data, said Koskinen.

The IRS is trying to determine how many of the 13,000 tax returns were filed by legitimate taxpayers and the precise number filed by cyber-thieves, he said.

J. Russell George, the tax agency's inspector general, testified that the IRS may face additional cyber-attacks as it tries to make information accessible to legitimate taxpayers through interactive computer applications.

George warned that oversight audits by his agency have identified a number of areas in which the IRS "could better protect taxpayer data." As of March 2015, the audits had produced 44 recommendations that the IRS has yet to implement, he said.

The electronic breach "would have been much more difficult" for the cyber-thieves to execute successfully if the IRS had "implemented all of the recommendations that we made," said George.

IRS officials recently held a meeting with private-sector leaders of the tax software and payroll industries, as well as state tax administrators, said Koskinen. The participants formed working groups that later in June expect to announce what he characterized as "short-term" solutions to protect personal information during the 2015 tax filing season.

The solutions are expected to involve stronger validation procedures for those who use online tax-filing systems, and efforts to identify and share signs of fraud trends more quickly.

However, Koskinen cautioned the Senate panel "there is no magic bullet that tomorrow morning is going to put this all to an end."
