IRS Data Breach Redux

Written by Jonathan & Erik Bernstein | Edited by ian

Last updated on Feb 17, 2023

Sections of this topic

A-female-software-developer-signalling-a-breach-in-their-system

Stolen info allows hackers to penetrate E-file systems

2015 saw a major IRS hack that compromised the information of over 300,000 taxpayers, and 2016 isn’t starting off much better. This time around, hackers gained access to E-file PIN numbers of over 100,000 accounts.

To its credit, the IRS did release a statement informing stakeholders what had happened:

The IRS recently identified and halted an automated attack upon its Electronic Filing PIN application on IRS.gov. Using personal data stolen elsewhere outside the IRS, identity thieves used malware in an attempt to generate E-file PINs for stolen social security numbers. An E-file pin is used in some instances to electronically file a tax return.

No personal taxpayer data was compromised or disclosed by IRS systems. The IRS also is taking immediate steps to notify affected taxpayers by mail that their personal information was used in an attempt to access the IRS application. The IRS is also protecting their accounts by marking them to protect against tax-related identity theft.

IRS cybersecurity experts are currently assessing the situation, and the IRS is working closely with other agencies and the Treasury Inspector General for Tax Administration. The IRS also is sharing information with its Security Summit state and industry partners.

Based on our review, we identified unauthorized attempts involving approximately 464,000 unique SSNs, of which 101,000 SSNs were used to successfully access an E-file PIN.

The incident, involving an automated bot, occurred last month, and the IRS continues to closely monitor the web application.

This incident is not connected or related to last week’s outage of IRS tax processing systems.

As can be expected from the IRS, there’s a glaring lack of compassion in the statement. It does get the facts out, and it’s not exactly surprising that the IRS isn’t able to communicate on a human level, so it works. Of course, if we were one of the affected individuals we’d be wondering where “elsewhere outside the IRS” my information was stolen from…

——————————-
For more resources, see the Free Management Library topic: Crisis Management
——————————-

[Jonathan Bernstein is president of Bernstein Crisis Management, Inc., an international crisis management consultancy, author of Manager’s Guide to Crisis Management and Keeping the Wolves at Bay – Media Training. Erik Bernstein is vice president for the firm, and also editor of its newsletter, Crisis Manager]

– See more at: https://management.org/blogs/crisis-management/2016/02/09/crisis-risk-many-hack-victims-fail-to-notify-business-partners/

Jonathan & Erik Bernstein

Recommended for you

Frequently Asked Questions About Peer Coaching Groups

Peer Coaching Groups: Your FAQs Answered We assume that you have already read the information on the page Start a Virtual Support Group to Help With Stresses of COVID-19. The information on that page would answer all of the typical questions about planning and operating a support group. However, the following questions still tend to …

Organization Development

Corporate Ethics

© Copyright Carter McNamara, MBA, PhD, Authenticity Consulting, LLC. Corporate Business Ethics Rebuilding Trust: The Corporate Governance Opportunity for 2012 Restoring Trust in Corporate Governance Conflicts of Interest: Requiring a Closer Governance Focus Compliance and Ethics in Risk Management Board’s role in ethics and compliance The Conflict of Interest Blog Divided Loyalties: Conflicts of Interest …

Organization Development

Overview of the Field of Organization Development

Much of the contentof this topic came from this book: Copyright Carter McNamara, MBA, PhD Focus and Scope of This Topic The purpose of this topic is to acquaint the reader with the field of Organization Development, a field with a rich history of research, publications, and highly qualified practitioners dedicated to improving the performance …

Organization Development

Educational Programs in Organization Development (OD)

Competencies for Organization Development (OD) Practitioners The contents of this page has been moved to https://management.org/organizationalchange/org-change-competencies.htm. For the Category of Organizational Change and Development: To round out your knowledge of this Library topic, you may want to review some related topics, available from the link below. Each of the related topics includes free, online …

Organization Development

Why Crisis Communications is Crucial for Business Continuity

What is crisis communication? Business continuity is just one element of strategic why crisis communications and failure to recognize this reality can leave you dangerously vulnerable to communication or reputation-related threats. Any company believing that a business continuity plan alone makes it prepared to face a serious crisis situation is in for a sudden surprise. …

Organization Development

The Pros and Cons of Edgy Marketing in the Digital Age

Edgy Marketing in the Digital Era: Pros and Cons One of the most common questions for clients to ask us today is, “How far is too far when it comes to edgy marketing?”. Competition for audiences across all forms of media is at an all-time high, and for brands that are struggling to break through …

Organization Development

Digital and Online Now Main Source Of News

What does this shift mean for your own crisis management efforts? I don’t think anyone will be surprised when I say that most people get their news online today, with a massive number neglecting traditional reporting in favor of social media. In 2000, about half of all Americans used the internet. Today, with smartphones and …

Organization Development

Ready for 2021? Take the Crisis Management Survey Now

[There’s a link to our new survey at the end of this post, but if you’re eager to get your copy of “10 Questions To Ask Yourself About Crisis Management in 2021” now, just click here.] Preparedness is key to surviving the new normal Over the course of 2020, we have seen a number of …

Organization Development

Challenges Ahead for Crisis Preparedness and Response

Challenges Ahead: Navigating Crisis Preparedness and Response The Crisis Preparedness and Response for almost 40 years of crisis management experience have seen America more prone to erupt in new crises than right now. No one likes to look at hard truths, yet part of our job as crisis management professionals, and that of those in …

Organization Development

How to Develop a Cyber Breach Crisis Management Plan

Making a Cyber Breach Crisis Management Plan These days, protecting your organization from cybercrime is just as, and possibly even more important than securing your physical facility. Cybersecurity is always evolving and you need to keep up with best practices to help prevent data breaches that could compromise your company’s reputation. With that said, it’s …

Organization Development

Audi's 'Insensitive Ads': The Importance of Asking Questions

Audi’s ‘Insensitive Ads’: Questioning Interpretations Steer clear of this increasingly common marketing fail Before we get into it here, I want you to take a look at the image above, -which features a young girl snacking on a banana and leaning against a car – and consider the fact that it just resulted in Audi …

Organization Development

The Road To Crisis Recovery

[Editor’s note: Especially as the world looks towards recovery from the impact of coronavirus, we felt readers would find this guest post from UK crisis communications consultant Amanda Coleman particularly useful.] Communicating through crisis to recovery Moving from crisis to recovery is not as simple as it may sound if it is to be done …

Organization Development

Preparing DURING The Pandemic

It’s not too late to get serious about coronavirus crisis management So you didn’t have a pandemic plan, or what you thought was a pandemic plan turned out to be more of a ‘serious-but-quick outbreak’ plan rather than something addressing the lengthy battle that the fight against COVID-19 has turned out to be. And of …

Organization Development

Coronavirus: What You CAN Control

Let’s face it, we’re all a little worried. While pandemics aren’t new, the rapid spread and global impact of the COVID-19 coronavirus has already changed the way we live and work before it’s even peaked. Adding to the worry in this type of situation are the many, many factors that are out of our control, …

Organization Development

COVID-19 Crisis Communications: Lessons from Southwest

Southwest Airlines: Lessons in COVID-19 Crisis Communications Right now our Bernstein Crisis Management team is working with clients across the country to anticipate, prepare for, and respond to COVID-19 concerns impacting both operations and customer trust. One of the most widespread fears is that of using public transportation, particularly air travel, which is why we …

Organization Development

Get the latest Business News

IRS Data Breach Redux

Stolen info allows hackers to penetrate E-file systems