Attacker got his hands on 101,000 E-filing PINs

Feb 10, 2016 13:46 GMT

The US Internal Revenue Service (IRS) has revealed details about a cyber-attack that took place last month, during which attackers tried to illicitly generate E-filing PINs for over 464,000 Americans.

For many years, the IRS has allowed US citizens to file their taxes online, via its official Web portal. To do this, users fill in a special form, which provides them with a 5-digit code called an "E-filing PIN" that is used to verify their identity. This E-filing PIN can be used later, when filing tax returns.

Someone tried to generate E-filing PINs for 464,000 US citizens

According to an IRS statement released yesterday, about a month ago an unknown attacker launched an automated attack that abused the E-filing PIN generator.

The attacker tried to feed over 464,000 SSNs (Social Security numbers) into this form to obtain E-filing PINs. The IRS says he was successful in obtaining PINs for over 101,000 SSNs.

IRS officials think that an automated bot might be involved in the incident and that the attackers used SSNs and personal details acquired from other breaches, not from its own servers.

"No personal taxpayer data was compromised or disclosed by IRS systems," the agency noted yesterday. "IRS cybersecurity experts are currently assessing the situation, and the IRS is working closely with other agencies and the Treasury Inspector General for Tax Administration. The IRS also is sharing information with its Security Summit state and industry partners."

No taxpayer information was leaked during the automated attack

Agency representatives were quick to point out that no taxpayer information from its own servers was exposed during this attack.

As for the individuals whose SSNs were tested in the automated attack, the IRS said it would mark their accounts to protect them against tax-related identity theft. Additionally, the agency will notify each person about the incident by postal mail.

IRS officials claim the incident had nothing to do with an outage the service faced last week.