Tuesday, May 26, 2015

Criminals Hack IRS, Gain Personal Information On 100,000 Taxpayers...

Rational Nation USA
Purveyor of Truth


Associated Press - Sophisticated criminals used an online service run by the IRS to access personal tax information from more than 100,000 taxpayers, part an elaborate scheme to steal identities and claim fraudulent tax refunds, the IRS said Tuesday.

The thieves accessed a system called "Get Transcript," where taxpayers can get tax returns and other filings from previous years. In order to access the information, the thieves cleared a security screen that required knowledge about the taxpayer, including Social Security number, date of birth, tax filing status and street address, the IRS said.

"We're confident that these are not amateurs," said IRS Commissioner John Koskinen. "These actually are organized crime syndicates that not only we but everybody in the financial industry are dealing with."

Koskinen wouldn't say whether investigators believe the criminals are based overseas — or where they obtained enough personal information about the taxpayers to access their returns. The IRS has launched a criminal investigation. The agency's inspector general is also investigating.

Identity thieves, both foreign and domestic, have stepped up their efforts in recent years to claim fraudulent tax refunds. The agency estimates it paid out $5.8 billion in fraudulent refunds to identity thieves in 2013.

"Eighty percent of the of the identity theft we're dealing with and refund fraud is related to organized crime here and around the world," Koskinen said. "These are extremely sophisticated criminals with access to a tremendous amount of data."

Congress is already pressing the IRS for information about the breach.

"That the IRS — home to highly sensitive information on every single American and every single company doing business here at home — was vulnerable to this attack is simply unacceptable," said Sen. Orrin Hatch, R-Utah, chairman of the Senate Finance Committee. "What's more, this agency has been repeatedly warned by top government watchdogs that its data security systems are inadequate {emphasis mine} against the growing threat of international hackers and data thieves.
"

Really gives the citizens and taxpayers a really warm and fuzzy feeling about our government. On the one hand its data mines our phone conversations and intrudes into our private affairs . and on the other it cannot protect us from criminals getting or personal information. NICE. I can see a few law suits a coming and they damn well should!

Via: Memeorandum

6 comments:

  1. If you think this is unique to government, you ought to take another look. Our government is actually pretty good on this stuff. And it's good that they were able to spot this before they lost more. This can be relatively easily be fixed. But we do have to realize, at the corporate, government, and industrial levels operating over open wire and open air requires vigorous cyber-security. And this is a serious issue that will have to be seriously addressed in coming years. It's a matter of national security.

    JMJ

    ReplyDelete
  2. Unique? No. A matter of national security? Absolutely.

    Was the IRS lax in light of prior warnings? Yes.
    Will anything happen to those you ignored the
    lax security? No.

    Do we have time to wait to address this
    serious issue that will have to be seriously addressed in coming years
    . No, we MUST start addressing now and maintain vigilance going forward Jersey.

    BTW, private industry will be the entity that will produce the solutions, not government.

    ReplyDelete
    Replies
    1. Look man, I know. I've been around. I worked for years with material sensitive in both sectors, government and private (and another government, and other governments) - at the same time. The government, our federal government, is very good at this, so good that they can wreck far more havoc with what they could do than any hacker ever could imagine. Not so much so the private sector. The simple and main reason for this disparity between government, which is again much better at this, and the private sector, is that it is not in the interest of the private sector to share it's security successes. In other words, they do not share what they learn about dealing with security. The government, especially the federal government, is one thing, essentially, and everything known within it, it knows. It's just a different animal with different functions and interests. In this particular case, it is why the government is better at cyber-security than the private sector. Though I should certainly note the private sector has played an inestimable role as well. It's not like our private sector is awash in this nonsense.

      JMJ

      Delete
    2. The simple and main reason for this disparity between government, which is again much better at this, and the private sector, is that it is not in the interest of the private sector to share it's security successes. In other words, they do not share what they learn about dealing with security.

      Well Jersey, I have no disagreement with this statement really. My point is, ... private industry will be the entity that will produce the solutions, not government. Private sector will develop the solution and government will merge various private sector solutions to create greater umbrella security.

      I managed for years and yes the private sector is very reluctant to share proprietary information, as they should be. However, my experience within my industry sharing of general knowledge that was not proprietary was commonplace, as it should be as well.

      Perhaps the federal bureaucracy should create the Department of National Cyber Security and hire and employ the very best and brightest in the growing field. A federalists dream come true methinks.

      Delete
  3. It's a HUGE problem on a global scale, and the cyber criminals are always one step ahead of security experts (I know a certain someone in charge of Cyber Command at the 5GON - a handy person to know for a Pinocchio sting - not that subject person would ever abuse the position).

    Private industry is actually more exposed than government; a bad habit of putting profits before records security. Notwithstanding this fact: Our defense contractors are in the private sector; and there are spooks everywhere that want to steal military trade secrets. BTW, we do it too. The Stuxnet virus that infected Iran's nuclear research facilities was our doing.

    ReplyDelete
  4. Don't know how the hackers do it. I cannot even get into my savings with out 'What was your great, great grandmother's favorite jelly', 'What was the color of your doctor's sweater when you were born'
    and 'at what county park did your parents first meet'. A quick data scan shows that as tax return fraud
    has increased, the IRS budget has correspondingly and directly inversely decreased. That may or may not be an excuse, but the personal data out there in 'clouds' and elsewhere, which the cyber crooks access so readily, has created a difficult task for both the government and private sector
    cyber defense geeks. (was the answer to #3 Halfmoon Lake?)

    ReplyDelete

As this site encourages free speech and expression any and all honest political commentary is acceptable. Comments with cursing or vulgar language will not be posted.

Effective 8/12/13 Anonymous commenting has been disabled. This unfortunate action was made necessary due to the volume of Anonymous comments that are either off topic or serve only to disrupt honest discourse..

I apologizes for any inconvenience this necessary action may cause the honest Anonymous who would comment here, respect proper decorum and leave comments of value. However, The multitude of trollish attack comments from both the left and right has necessitated this action.

Thank you for your understanding... The management.