According to the Internal Revenue Service (IRS), 2.7 million taxpayers were victims of identity theft in 2014. These fresh revelations have brought cybersecurity into the spotlight once again. John Koskinen, the IRS Commissioner has said the agency is increasing its efforts to improve the tax filing system by next year.
Massive Security Breach
Koskinen made these revelations while speaking before the Senate Finance Committee. The agency has decided to collaborate with companies dealing with tax software as well as state governments to thwart the efforts of hackers who attempt to make away with people’s tax returns.
The IRS commissioner was replying to questions about how hackers managed to gain access to 104,000 tax forms using the IRS website. This data leak was due to a service known as “Get Transcript.” This provides access to tax forms of past years, information essential when applying for financial aid to a college or a mortgage.
This was used by unknown hackers to gain access to personal data. Pretending to be genuine taxpayers, they attempted to download 200,000 forms during the Feb-May period. Ultimately, they managed to steal around half that number.
Hackers Target Refunds, Personal Data
Approximately 13,000 of these forms were used to made false tax refunds. But Koskinen believes worse may be in store. He says that the real objective of these criminals was to steal personal data. This is because the Get Transcript service can only be accessed by utilizing personal data stolen previously.
This includes addresses, birthdays and Social Security numbers. Access to the service also requires users to answer stringent questions to verify identity. This means that the fraudsters already had access to such sensitive personal information. Such data can be utilized to secure credit lines, open bank accounts and steal even more tax refunds going forward.
As of now, the Get Transcript service has been disabled as a temporary measure. With 23 million downloads over the last few months, Get Transcript is a popular service. The IRS is trying to make the app more secure, while trying to make it as user friendly as possible at the same time.
Budget Cuts and System Upgrades
Treasury Inspector General J. Russell George said the IRS failed to implement a number of suggested security upgrades to fend off such security breaches. Both Koskinen and George, however, agreed that these fraudsters were part of a global crime syndicate. The latest attack has resulted in a loss of $39 million for the IRS.
Koskinen said that reductions in budgets have acted as a major obstacle for improving cybersecurity. Funds on this front have been reduced from $187 million in 2011 to $149 million for the current fiscal year. Congress has reduced the IRS budget by $1 billion compared to 2010 levels to $10.9 billion for the current year.
Partnering with States, Industry
The IRS commissioner said he held a meeting with tax officials at the state levels and chiefs of established tax software and related companies three months ago. These probably included the likes of H&R Block HRB and Intuit INTU. These stakeholders have agreed to enter into a partnership focusing on the next tax filings period. Officials and companies will share data and boost security in an effort to thwart similar threats.
According to IRS estimates, $5.8 billion was lost through falsified returns in 2013. At the same time, nearly four times of that amount was saved by thwarting similar attempts. Koskinen said refund fraud jumped during 2010 and 2012. Since then, things have gone from bad to worse. According to the IRS, the agency has prevented fraud attempts worth $63 billion during 2011-14.
Stocks in Focus
Apart from Intuit and H&R Block, companies in the cybersecurity sphere will gain from such episodes. This is due to the focus on the Senate hearing on the IRS breach. Assurances from the agency that security will be stepped up have helped the sector as well.
After the end of Wednesday’s trading session, FireEye, Inc. FEYE said it had entered into a partnership with Visa V. This is aimed at offering a threat intelligence service to those merchants tied to Visa as well as related card issuers.
Prominent security technology winners of the day included the likes of Vasco Data Security VDSI and KEYW Holding KEYW, which gained 5.4% and 7.6%, respectively. Proofpoint PFPT, AVG AVG, Qualys QLYS and Imperva IMPV moved up 2.9%, 3.5%, 3.8% and 3.3%, respectively.
In Conclusion
Koskinen has said the incident proves that such fraudsters have stepped up attempts to gain access to personal data. He underlined their proficiency with data analytics and their ability to answer personal questions. This lays special emphasis on the importance of cybersecurity. Related companies are expected to grow in prominence and make further gains in the days ahead.
Want the latest recommendations from Zacks Investment Research? Today, you can download 7 Best Stocks for the Next 30 Days. Click to get this free report >>
Want the latest recommendations from Zacks Investment Research? Today, you can download 7 Best Stocks for the Next 30 Days. Click to get this free report
Be the first to comment