- Is ‘Save Spider-Man from Sony’ fueled by pro-Disney bots? 4 Years Ago
- ‘Jawline’ takes a stunning look at influencers and the social media gold rush Today 7:00 AM
- Here’s what’s coming and going on Netflix in September 2019 Today 6:58 AM
- The biggest conspiracy theories around Area 51 Today 6:30 AM
- How to listen to YouTube music in the background on your phone Today 6:00 AM
- Lyft received a whopping 7 sexual assault lawsuits in a day Wednesday 10:00 PM
- High school reopens investigation into Nazi salute video after other racist videos emerge Wednesday 7:14 PM
- Facebook content moderators continue to suffer from brutal working conditions Wednesday 5:58 PM
- #RIPReese: Man bullied for relationship with trans woman dies by suicide Wednesday 4:46 PM
- Redaction error reveals ICE is paying Palantir $49 million Wednesday 4:25 PM
- People are using social media to raise awareness about the Amazon fires Wednesday 4:24 PM
- How to watch ‘Detective Pikachu’ right now Wednesday 3:56 PM
- Walmart is suing Tesla over fires at stores with solar panels Wednesday 3:44 PM
- Jeremy Renner asks nicely for Sony to let Spider-Man back in the MCU Wednesday 2:51 PM
- The best and safest torrenting sites you should be using in 2019 Wednesday 2:47 PM
More than three times as many Americans may have been affected by an IRS hack in March than previously thought.
Criminals potentially accessed the personal information of up to 338,000 taxpayers, the Internal Revenue Service said in a statement Monday. The agency originally reported only 114,000 victims.
The IRS says the perpetrators acquired access to the information through its online Get Transcript system, which stores information about individual taxpayers, including their Social Security numbers, street addresses, and dates of birth.
The system, which allows U.S. citizens to download tax returns and view tax payments, was disabled shortly after the breach. The government provided the initial 114,000 taxpayers whose information was known to be compromised at the time with free credit monitoring.
The IRS said it will send out letters over the next few days informing the new batch of potentially affected taxpayers.
“As part of the IRS’s continued efforts to protect taxpayer data, the IRS conducted a deeper analysis over a wider time period covering the 2015 filing season, analyzing more than 23 million uses of the Get Transcript system,” the agency said.
Potential security flaws in the Get Transcript system had been previously highlighted by computer security journalist Brian Krebs in March. The system was vulnerable, he wrote, because of its reliance on “challenge questions that can be easily defeated with information widely available for sale in the cybercrime underground and/or with a small amount of searching online.”
“Anyone who succeeds in supplying the correct answers can see the applicant’s full tax transcript,” added Krebs, “including prior W2s, current W2s and more or less everything one would need to fraudulently file for a tax refund.”
Photo by eFile989/Flickr (CC BY-SA 2.0)
Dell Cameron was a reporter at the Daily Dot who covered security and politics. In 2015, he revealed the existence of an American hacker on the U.S. government's terrorist watchlist. He is a co-author of the Sabu Files, an award-nominated investigation into the FBI's use of cyber-informants. He became a staff writer at Gizmodo in 2017.