UPDATED 13:03 EDT / FEBRUARY 10 2016

100K taxpayers compromised in latest IRS hack

Some changes are clearly in order at the cybersecurity department of the U.S. Internal Revenue Service. Less than six months after admitting that hackers pilfered personal information about more than 300,000 individuals from its website, the agency has revealed that another 101,000 accounts were compromised in a similar attack a few weeks ago. The breach occurred shortly before a mysterious outage disabled electronic tax return filing for two days.

To dispel potential concerns, the IRS clarified in a statement that the two incidents are believed to be unrelated. The alert goes on to detail that the hackers employed Social Security Numbers harvested from an external source, likely one of the numerous private companies that were breached over the last few months, to exploit the E-Filing PIN form on its website. Taxpayers have to submit the application in order to receive a personalized code that is used to verify the authenticity of their return claims.

The assailants presumably sought to replicate the success of the first attack against the IRS last year, which yielded an estimated $50 million in unlawful refunds along with a treasure trove of personal details. Thankfully, however, the agency says that the leak didn’t affect much else besides the PINs of the 101,000 compromised accounts. That should provide some limited measure of comfort for the affected taxpayers, although the methodology of the hack raises bigger questions about the IRS’s cybersecurity.

The agency said that the attack employed a bot programmed to automatically input SSNs and other requisite information from its creators’ stolen data cache into the E-Filing PIN application. Only one out of four attempts was successful, meaning that more than 400,000 requests were made before the IRS managed to detect the effort. This seems to suggest that its website, or at least the form tool, lacks a reliable mechanism to protect against brute-force attacks. Considering that even e-commerce stores often block access after a certain number of repeated actions like failed logins, the absence of such a system constitutes a major failure on the agency’s part.
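The kind of block described above can be sketched as follows. This is an added example, not IRS code or anything from the agency's statement: the class, its thresholds and the `client` key (for instance a source address or session fingerprint) are assumptions, and the log is constructed. It counts failures per client rather than per identifier, because a bot that submits a different SSN on every request never trips a per-account counter.

```python
from collections import defaultdict, deque

class AttemptThrottle:
    """Sliding-window limiter keyed on the client (assumed key), not the identifier."""
    def __init__(self, window_s=600, max_failures=5, max_identifiers=10, lockout_s=3600):
        self.window_s, self.lockout_s = window_s, lockout_s
        self.max_failures, self.max_identifiers = max_failures, max_identifiers
        self.events = defaultdict(deque)   # client -> (time, identifier, ok)
        self.blocked_until = {}            # client -> time the block expires

    def allowed(self, client, now):
        return now >= self.blocked_until.get(client, 0)

    def record(self, client, identifier, ok, now):
        """Record one form submission; return True if the client is now blocked."""
        q = self.events[client]
        q.append((now, identifier, ok))
        while q and q[0][0] <= now - self.window_s:   # drop events outside the window
            q.popleft()
        failures = sum(1 for _, _, good in q if not good)
        identifiers = {ident for _, ident, _ in q}
        if failures >= self.max_failures or len(identifiers) > self.max_identifiers:
            self.blocked_until[client] = now + self.lockout_s
            return True
        return False

def replay(log, throttle):
    """Replay (time, client, identifier, ok) records; return (served, rejected)."""
    served = rejected = 0
    for now, client, identifier, ok in log:
        if not throttle.allowed(client, now):
            rejected += 1
            continue
        served += 1
        throttle.record(client, identifier, ok, now)
    return served, rejected

def max_failures_per_identifier(log):
    """Highest failure count any single identifier sees (what per-account lockout counts)."""
    counts = defaultdict(int)
    for _, _, identifier, ok in log:
        counts[identifier] += 0 if ok else 1
    return max(counts.values())

def constructed_log():
    """Constructed sample: client-A is automated (new identifier each second, one in
    four accepted, the ratio the article reports); client-B mistypes twice, then succeeds."""
    log = [(i, "client-A", f"id-{i:03d}", i % 4 == 3) for i in range(40)]
    log += [(5, "client-B", "id-900", False), (30, "client-B", "id-900", False),
            (60, "client-B", "id-900", True)]
    return sorted(log)
```

On the constructed log, the automated client is cut off after its fifth failure while the ordinary user is never blocked, and no single identifier fails more than twice, so a lockout that only counts failures per account would not have fired.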

The issue reflects the broader need for better security in the public sector amid today’s growing cyber threats. The repercussions of poor network protection became all too clear after the breach at the Office of Personnel Management last year, which reportedly saw Chinese hackers make away with the records of 18 million federal employees, many of whom hold security clearances.
