Due to precautions related to COVID-19, we have expanded our options for remote consultations. Please contact our office to discuss whether a full phone consultation or video conference is appropriate for your situation.

IRS data breach: an important difference

The complexity of cyber security is demonstrated by the recent disclosure of the Internal Revenue Service that 100,000 taxpayers had their tax returns accessed by criminals. This incident was different from previous high-profile breaches of cyber security, such as the hacking of credit card numbers at Target or Home Depot. The criminals technically did not hack the IRS systems at all.

Instead, they used information they obtain elsewhere to gain access to taxpayer tax return information in a manner identical to how the taxpayer would access the system. The IRS, like many entities, uses a “knowledge-based” system to authenticate authority to access information on their systems.

This knowledge typically involves personal information that only a taxpayer would know, such as their favorite pet, their grade school or their mother’s maiden name. This information is usually so random or obscure that no one could guess the information in a timely manner.

To the criminals rescue comes Facebook and other social media sites. Much of this random, obscure information is posted there, often for all the world to see. Armed with this information, criminals can enter the IRS, healthcare or financial systems, without triggering any obvious signs of hacking.

For anyone with information on social media sites, the clear warning is that if it is ever used on your Facebook page, you have to presume a criminal could find it and it should not be used as authentication answers used to access confidential information, no matter the type.

It also means it will be more challenging to protect that information, as criminal data mining becomes more sophisticated and ubiquitous.

Source: foxbusiness.com, “Taxpayers Need to Protect Themselves When IRS Can’t,” Dunstan Prial, May 27, 2015

Findlaw Network

Archives

Office Location

Edina Tax Law Office
Pridgeon & Zoss, PLLC
7301 Ohms Lane, Suite 420
Edina, MN 55439

Telephone: 952-835-8320
Fax: 952-835-0201
Edina Law Office Map

St. Anthony Tax Law Office
Pridgeon & Zoss, PLLC
2812 Anthony Lane South, Suite 200
St. Anthony, Minnesota 55418

Telephone: 612-455-8948
Fax: 612-788-9879
Map & Direction

column-side-img