Identity thieves attempted to breach computer systems at the Internal Revenue Service to file fraudulent tax refunds.
The criminals were especially after E-file PINs, which are used by some individuals to electronically file a return, the agency said in a statement released Tuesday. Around 464,000 unique social security numbers were involved, and of that total, 101,000 SSNs were used to successfully access an E-file PIN.
The thieves used personal taxpayer data that was stolen elsewhere to help generate the PINs, the agency said. No personal data was compromised or disclosed by IRS systems, and affected taxpayers will be notified by mail of the attack. “The IRS is also protecting their accounts by marking them to protect against tax-related identity theft,” the agency added.
Last week, the IRS temporarily could not accept many taxpayer returns after a systemwide computer failure occurred. The agency said this attack was unrelated to the outage.
This year’s attack follows a massive data breach at the IRS in 2015, when hackers stole information from 330,000 taxpayers to successfully file bogus tax refunds and obtain $50 million in federal funds.
A later inspector general report found that the computer system the IRS had been using to detect identity theft may have been vulnerable to hackers.