Once again identity thieves use stolen SSNs in IRS attack

Pierluigi Paganini February 11, 2016

The IRS detected roughly unauthorized attempts using 464,000 unique SSNs, and 101,000 attempts allowed crooks in generating PINs.

The U.S. Internal Revenue Service (IRS) recently confirmed that cyber criminals abused the Electronic Filing PIN application.

The Electronic Filing PIN application is running on irs.gov and allows taxpayers to generate a PIN that they can use to file tax returns online. The information necessary to obtain this PIN is the name, date of birth, mailing address and of course, the SSN.

Unfortunately, for identity thieves is quite easy to obtain SSNs online from the dumps resulting from the numerous data breaches occurred in the last months.

SSN numbers, for example, along with other PII are easy to acquire in the various black markets, data breaches of Anthem and CareFirst have made available on the market data related to million customers.

The criminals use this information with an automated bot that is able to generate PINs for the E-File service. In January, the Internal Revenue Service detected roughly unauthorized attempts using 464,000 unique SSNs, and the bad news is that 101,000 attempts allowed crooks in generating PINs.

The agency highlighted that its systems were not breached and no taxpayer data has been exposed.

“The IRS recently identified and halted an automated attack upon its Electronic Filing PIN application on IRS.gov. Using personal data stolen elsewhere outside the IRS, identity thieves used malware in an attempt to generate E-file PINs for stolen social security numbers. An E-file pin is used in some instances to electronically file a tax return.” the IRS said in a statement. “No personal taxpayer data was compromised or disclosed by IRS systems.”

“IRS cybersecurity experts are currently assessing the situation, and the IRS is working closely with other agencies and the Treasury Inspector General for Tax Administration. The IRS also is sharing information with its Security Summit state and industry partners,” 

IRS Statement on E-filing PIN

The tax agency already notified the users that have been impacted, it sent an email to inform that their accounts have been secured against tax-related identity theft.

A similar incident occurred in May 2015 when the Internal Revenue Service’s Get Transcript system was accessed by unauthorized parties using stolen information.

More than 100,000 taxpayers were impacted by unauthorized accesses, meanwhile the total number of accounts breached exceeded 300,000.

Pierluigi Paganini

(Security Affairs – Internal Revenue Service, identity thieves)

you might also like

leave a comment