The Internal Revenue Service recently had to admit that the hackers had used an online service provided by the American government’s tax collecting agency in order to gain access to data of over 100,000 taxpayers. The leaked data included tax returns and other information kept by the IRS.


The Internal Revenue Service explained that the intruders accessed a system known as “Get Transcript”. In order to obtain the required data, the hackers cleared a security screen, which required to provide some personal information about the taxpayer, including SSN, date of birth, address and tax filing status.

The government agency pointed out that the problem in question didn’t involve its main computer system hosting tax filing submission. The IRS claimed that the main system remained secure and that it found out that the hackers targeted their system from February to mid-May 2105. As a result, the service has been temporarily suspended.

Overall, the security experts estimated that about 200,000 attempts were made from suspicious email domains. In the meantime, over half of those attempts successfully cleared authentication hurdles. The Internal Revenue Service confirmed that during the current filing season, taxpayers successfully and safely downloaded about 23m transcripts.

The security specialists said that the leaked tax returns can include sensitive personal data that can allow the hackers to steal an identity – for example, government old-age pension numbers and birth dates of dependents and spouses. Worse still, the government agency said that the thieves appeared to already have enough personal data about the victims. At the moment, the tax authority is notifying taxpayers whose information was compromised