Responding to the IRS Breach

On May 26, the IRS reported that thieves had managed to access approximately 104,000 individual taxpayer accounts through the ‘Get Transcript’ application. Thieves gained access to the information by using information from third-party sources to login online and answer personal security questions. The question now is how you should be responding to the IRS breach.

The IRS will be reaching out to individuals who were affected by the data breach. However, there are steps you can take to protect yourself from an event like this in the future. For Florida, Georgia and Washington, D.C. residents, you can enroll in the new IRS IP PIN program. You can  register online with the IRS to obtain an IP PIN that must be used when you file your tax return. The IRS will provide you with a new IP PIN in December each year to help enhance the identity theft protections.

We have provided a link to step-by-step instructions here.

Kerri Anne Renzulli from Time.com/money offers some tips on how to respond if you think you may be a victim of tax identity theft:

  • Contact the IRS Identity Protection Specialized Unit at 800-908-4490. You may also want to contact your state revenue agency and the police if an identity theft event has occurred.
  • Regardless of your state of residence, if an identity theft event has occurred the IRS will issue you an IP PIN each year to file your returns until they have determined the situation has been resolved.
  • Contact the three major credit reporting agencies to set up free fraud alerts. While tax fraud and credit fraud protection are separate processes, someone who has access to your tax information may also be able to gain access to your credit. You can also put a credit freeze on your account.
  • You are legally entitled to a free credit report from Equifax, Experian, and TransUnion once per year. Review your credit each year to see if there are unusual or fraudulent transactions.

The IRS can take up to six months to sort out a tax identity theft case. During that time, we recommend working with a tax professional who can handle communication with the IRS.

One last piece of advice: Be careful what you post on the internet! The thieves who accessed personal information from the IRS were able to get through by piecing together personal security answers from information that people freely provided through social media, including Facebook, Twitter, LinkedIn, Google+, and other networks.