On Tuesday May 26th 2015, the Internal Revenue Service (IRS) acknowledged and confirmed that they had been hacked, and that the breach had compromised a little over 100,000 files and sensitive documents of taxpayer information between February and mid-May of this year. These files most likely contained a full scope of personally identifying information (PII) including social security numbers and income.

What’s more troubling about this Internal Revenue Service breach, is that the attackers may have obtained information about the victims prior to the hack, according to the Internal Revenue Service. They knew some of the identifying information going into it, including the answers to several personal identity verification questions which are typically only known to the unique taxpayer.

The government plans to assign its criminal investigation division to look into the hack attack, and it will notify the 100,000 taxpayers who were targeted. Along with this, the Internal Revenue Service have pledged to pay for a credit monitoring service for all of the compromised victims.

For more information regarding this Internal Revenue Breach, please contact one of the following GraVoc employees:

Nate Gravel – Director of the Information Security Practice ngravel@gravoc.com

Related articles

 

Need-to-Know Privilege Explained

Need-to-Know Privilege Explained

In this blog post and video, we explore need-to-know privilege in cybersecurity and why it’s important for organizations to assign user permissions on a need-to-know basis.

read more

Pin It on Pinterest

Share This