Stories
Slash Boxes
Comments

SoylentNews is people

IRS Coughs up 100,000 Tax Returns to Thieves

posted by CoolHand on Wednesday May 27 2015, @09:51PM   Printer-friendly
from the stealin-for-a-livin dept.

frojack writes:

Many news outlets seem to be carrying this story:

Sophisticated criminals used an online service run by the IRS to access personal tax information from more than 100,000 taxpayers, part of an elaborate scheme to steal identities and claim fraudulent tax refunds, the IRS said Tuesday.

The thieves accessed a system called "Get Transcript," where taxpayers can get tax returns and other filings from previous years. In order to access the information, the thieves cleared a security screen that required knowledge about the taxpayer, including Social Security number, date of birth, tax filing status and street address, the IRS said.

The Get Transcript site requires certain knowledge about past returns, most of which is guessable, such as a social security number, and other fairly accessible information. Complete records of prior year are returned via Email if the thieves succeed in providing enough screening items correctly.

Old tax records enable the thieves to go after refunds, not only for the current year, but future refunds as well. Having tax returns from prior years provide a wealth of information for future identify theft.

About 200,000 attempts were made, and about half of them succeeded. The system is currently shut down, and Congress is making stern sounds. But as yet the IRS does not know if these thefts were carried out by domestic or foreign thieves.

[Editor's Comment: Original Submission]

 
This discussion has been archived. No new comments can be posted.
IRS Coughs up 100,000 Tax Returns to Thieves | Log In/Create an Account | Top | 21 comments | Search Discussion
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.

  • (Score: 1) by Placenta on Wednesday May 27 2015, @10:01PM

    by Placenta (5264) on Wednesday May 27 2015, @10:01PM (#188800)

    So you've identified a problem.

    Now what's your solution?

    You must remember that users want near-instant online access. They won't be happy when they need to access the site and its information today, because of a strict deadline that's coming up tomorrow, yet in order to access the data online they'll need to wait a week for the IRS to mail them their password or access code.

  • (Score: 1, Interesting) by Anonymous Coward on Wednesday May 27 2015, @10:07PM

    by Anonymous Coward on Wednesday May 27 2015, @10:07PM (#188804)

    Then the morons can go fuck themselves, because these are the same idiots who whine and cry when their bank account is emptied by a thief thanks to insecure practices.

    • (Score: 0, Troll) by Placenta on Wednesday May 27 2015, @10:12PM

      by Placenta (5264) on Wednesday May 27 2015, @10:12PM (#188806)

      Let me see if I understand your solution to this problem. So let us suppose that John Smith needs to access his past tax returns and filings. In order to do this securely, he will need to get his penis to an erect state, he will then need to pull it between his legs, and bend it up so that he can insert it directly into his own anus? This will then improve his online security? Won't this break the area where his penis attaches to his abdomen?

      • (Score: 1) by KGIII on Thursday May 28 2015, @12:51AM

        by KGIII (5261) on Thursday May 28 2015, @12:51AM (#188892) Journal

        You have obviously not been to Cam4...

        --
        "So long and thanks for all the fish."

  • (Score: 0) by Anonymous Coward on Wednesday May 27 2015, @10:26PM

    by Anonymous Coward on Wednesday May 27 2015, @10:26PM (#188812)

    Just because no solution is suggested doesn't mean that the argument is wrong.
    Maybe the users desiring near-instant online access *are* wrong... for now. Gimme an afternoon to actually think about solutions. Step one is always to identify that upon which could be improved. We've completed that step, now let's take the next one.

  • (Score: 2, Insightful) by Anonymous Coward on Wednesday May 27 2015, @10:51PM

    by Anonymous Coward on Wednesday May 27 2015, @10:51PM (#188824)

    So you've identified a problem.

    Now what's your solution?

    I don't have one.

    But, as the saying goes, you don't have to be a baker to know when the bread is stale.

  • (Score: 3, Insightful) by tftp on Wednesday May 27 2015, @11:11PM

    by tftp (806) on Wednesday May 27 2015, @11:11PM (#188840) Homepage

    You must remember that users want near-instant online access.

    The users also want a pony. So what? They aren't getting one.

    • (Score: 0) by Anonymous Coward on Wednesday May 27 2015, @11:34PM

      by Anonymous Coward on Wednesday May 27 2015, @11:34PM (#188853)

      Neigh you say?

  • (Score: 2) by SecurityGuy on Thursday May 28 2015, @04:21PM

    by SecurityGuy (1453) on Thursday May 28 2015, @04:21PM (#189159)

    You must remember that users want near-instant online access.

    So? We're not talking about Netflix, here, we're talking about the IRS. It's not like they can just go pay taxes to someone else. I'm all for being responsive to the needs of the end user--unless there's a good reason not to give them what they're demanding. If user X demands immediate access to their past tax returns, and the cost is making EVERYONE'S data insecure, then there's only one rational answer: No.

    For that matter, there's an IRS office 5 miles from my house. I can go there, present actual ID, and get copies of my records. Online would be nice, sure, but not at any cost.

  • (Score: 0) by Anonymous Coward on Thursday May 28 2015, @08:15PM

    by Anonymous Coward on Thursday May 28 2015, @08:15PM (#189297)

    Is this alternative universe where asymmetric cryptography was never invented?