IRS thwarts 'automated attack' against tax e-filing systems

The US tax office said no personal data was compromised or disclosed.

imrs.jpg
(Image: file photo)

The US federal tax office fended off an "automated attack" on its systems last month, during which hackers tried to generate electronic filing numbers for half-a-million taxpayers.

A statement released by the Internal Revenue Service said the agency prevented the attack that targeted one of its web-based systems, which allows US taxpayers to file their taxes online.

READ THIS

These companies lost your data in 2015's biggest hacks, breaches

Was your data stolen by hackers? (HInt: it probably was.)

Taxpayers who are enrolled online are given a five-digit e-filing code, used to authenticate the user when filing taxes. The IRS said that the attackers tried to match e-filing codes with more than 464,000 Social Security numbers, thought to be stolen elsewhere from other attacks.

By matching the codes to the stolen Social Security numbers, it's theoretically possible to gain access to tax return and filing data.

The agency said an automated bot was thought to have generated e-filing for over 101,000 Social Security numbers. No taxpayer data was compromised or disclosed by IRS systems.

Affected accounts have been marked to help protect against tax-related identity theft.

News of the attack landed the same day that President Barack Obama announced a $5 billion hike in cybersecurity spending, in an effort to make cyber-defenses and protections a top priority. The Obama administration also set out to hire its first chief information security officer to take on federal responsibility for cybersecurity policy and strategy.

It comes after a series of high-profile attacks against US government departments, agencies, and systems.

The tax agency wasn't so lucky last year when it was hit by a data breach, in which hackers pilfered tax information on more than 100,000 Americans.

Since then, the IRS has doubled-down on security systems in an effort to prevent similar attacks from happening.

Some state agencies, such as Oregon and New Mexico, now require two-factor authentication to better ensure hackers don't get access to private and sensitive tax information.

Newsletters

You have been successfully signed up. To sign up for more newsletters or to manage your account, visit the Newsletter Subscription Center.
Subscription failed.
See All
See All