for display only
Big Blue Interactive The Corner Forum  
Back to the Corner

Archived Thread

NFT: IRS $50 Million Hack Thread

gidiefor : Mod : 5/28/2015 7:22 am
There is apparently widespread belief that the "organized crime" hackers who were filing fraudulent returns with the IRS will now start directly targeting the people who's info was breached.

Story linked below
Link - ( New Window )
the real burning question I have is -  
gidiefor : Mod : 5/28/2015 7:26 am : link
how do you know if your info has been breached?
Gidie  
old man : 5/28/2015 10:36 am : link
Get ready for the,"Don't worry, we've got this" b.s. announcement that comes from the IRS.
They will likely send that message in a letter to the specifically hacked as well.
RE: the real burning question I have is -  
jcn56 : 5/28/2015 1:12 pm : link
In comment 12303636 gidiefor said:
Quote:
how do you know if your info has been breached?


You don't, until they follow through on disclosure to indicate who was hit and who was spared, following a detailed investigation of course.

This would be a lot less frustrating if not for the fact that people have been pointing out the IRS was vulnerable for a very long time now. Apparently, the only thing more archaic and difficult to navigate than the tax code is the IRS' IT infrastructure.
RE: RE: the real burning question I have is -  
Jim in Fairfax : 5/28/2015 1:24 pm : link
In comment 12304338 jcn56 said:
Quote:

You don't, until they follow through on disclosure to indicate who was hit and who was spared, following a detailed investigation of course.

This would be a lot less frustrating if not for the fact that people have been pointing out the IRS was vulnerable for a very long time now. Apparently, the only thing more archaic and difficult to navigate than the tax code is the IRS' IT infrastructure.

To be fair, the IRS has had its budget cut by 18% over the past 5 years. Cyber security costs money.
RE: RE: RE: the real burning question I have is -  
njm : 5/28/2015 1:29 pm : link
In comment 12304373 Jim in Fairfax said:
Quote:
In comment 12304338 jcn56 said:


Quote:



You don't, until they follow through on disclosure to indicate who was hit and who was spared, following a detailed investigation of course.

This would be a lot less frustrating if not for the fact that people have been pointing out the IRS was vulnerable for a very long time now. Apparently, the only thing more archaic and difficult to navigate than the tax code is the IRS' IT infrastructure.


To be fair, the IRS has had its budget cut by 18% over the past 5 years. Cyber security costs money.


True, but that should have been at least partially offset by the continuing increase in the % of tax returns being e-filed and the resultant cost savings. Where I have sympathy for the IRS is with respect to the end of the year legislation Congress passes and then expects them to implement in 3 weeks. IMHO the funding cuts shouldn't have been that much of a problem.
this wasn't a normal cyber security issue  
markky : 5/28/2015 1:36 pm : link
this wasn't an issue with lack of pen tests or network scans.

it was the confluence of several bad decisions:

- Turbotax and others making federal e-filing free

- Giving refunds on prepaid gift cards rather than paper checks or deposits into U.S. bank accounts

- Allowing filing fees for state taxes to be paid out of refunds

- Turbotax getting hacked

All of this made it easy for criminals to just submit massive amounts of false returns.

you'll know if you've been a victim if you try to e-file and the IRS doesn't allow it because someone has already filed a return in your name. if so, and you were previously a Turbotax customer, you may get a bill from Turbotax as well.

Is this predominately a problem for Turbotax filers?  
njm : 5/28/2015 1:40 pm : link
I hadn't read anything along those lines.
The attackers already had the personal information for the targets  
jcn56 : 5/28/2015 1:47 pm : link
Where the IRS went wrong (and I'm basing this off early information, which could change when more details are available) is not detecting a repeated attempt to pull tax application data from a single set of servers. Some 200k or so application requests in the span of 3 months, which should have registered as anomalous activity.
Thanks  
Deej : 5/28/2015 1:56 pm : link
Obama
RE: The attackers already had the personal information for the targets  
markky : 5/28/2015 2:10 pm : link
In comment 12304457 jcn56 said:
Quote:
Where the IRS went wrong (and I'm basing this off early information, which could change when more details are available) is not detecting a repeated attempt to pull tax application data from a single set of servers. Some 200k or so application requests in the span of 3 months, which should have registered as anomalous activity.


yes. they should have better detection of anomalous behavior. I wonder if we'll know how many false refunds were paid out.
RE: Is this predominately a problem for Turbotax filers?  
markky : 5/28/2015 2:12 pm : link
In comment 12304432 njm said:
Quote:
I hadn't read anything along those lines.


Predominately, maybe. an accountant friend of mine says he has a dozen customers that have had either state or federal returns fraudulently filed with their SSNs.
If  
mitch300 : 5/28/2015 2:29 pm : link
You have already received yor returns, can you assume you have not been hackd?
RE: If  
markky : 5/28/2015 3:11 pm : link
In comment 12304613 mitch300 said:
Quote:
You have already received yor returns, can you assume you have not been hackd?


if you've received your refunds then I don't think you need to worry about fraudulent filings with your SSN for 2014 tax year. it means the IRS and your state gov have processed your returns.

given magnitude of recent breaches, i'd still do a credit check.
the IRS is still too busy  
spike : 5/28/2015 3:13 pm : link
going after the Tea Partiers.

markky  
mitch300 : 5/28/2015 4:16 pm : link
Thanks!
Back to the Corner