A hack into the computer systems of the Internal Revenue Services (IRS) in May was far larger than initially reported, the agency said on Monday.

New figures released indicate that the records of some 330,000 tax paying American citizens were compromised in the hack, with attempts to access a further 280,000 records thwarted by the otherwise lackluster security provided by the IRS’ security systems.

The IRS had previously said that the attack had targeted 225,000 U.S. households and had included about 114,000 successful attempts and 111,000 unsuccessful ones.

Although not fully clear, it would appear that the extra figures may have come from a deeper investigation by the IRS going back to November 2014, whereas initial figures only covered the period of February to May 2015.

Russians

The attack was previously believed to have originated in Russia, and utilized an IRS service called “Get Transcript” which allows taxpayers to access their tax returns online.

It’s not entirely clear whether the Russian hackers breached the IRS servers, or simply managed to use a mixture of social engineering along with user details such as stolen social security numbers to access the system.

Whichever way they accessed the records, the theft is not exactly positive, or as the Chairman of the House Ways and Means subcommittee Rep. Roskam said “today’s revelation that the IRS didn’t fully understand this security breach for months is not confidence-inspiring.”

Senate Finance Committee Chairman Orrin Hatch added that the new revelations were “deeply concerning,” and that the agency’s inability to block the attacks “risks further fraud for hardworking taxpayers.”

The agency, as per the usual stock standard replies by various arms of the Government who have failed once again in providing adequate security, issued a statement with the typical motherhood statements about helping those affected.

“The IRS is moving aggressively to protect taxpayers whose account information may have been accessed,” the statement read. “The IRS will begin mailing letters in the next few days to about 220,000 taxpayers where there were instances of possible or potential access to ‘Get Transcript’ taxpayer account information.”

In addition the agency said that it would be notifying all potential victims and offering free credit monitoring services as well as a program that assigns them a special ID number that they must use to file their tax returns.

In an age where Government wants to monitor and access data of more and more people as part of the encroaching security state, the fact that they can’t even adequately protect the data they have now speaks volumes as to why many distrust the Government with their private information.

Image credit: 23165290@N00/Flickr/CC by 2.0