“When the federal government fails to protect private and confidential taxpayer information, Congress must act,” said Sen. Orrin Hatch (R-UT), chair of the Finance Committee, said in a statement. “Taxpayers deserve to know what happened at the IRS regarding the data theft.”
In a letter to the IRS Wednesday, Hatch said the practice of criminals using stolen personal information to steal refunds was “a growing concern.” (The IRS says it paid $5.8 billion in fraudulent tax refunds last year.) He asked the IRS for a confidential briefing, separate from the public hearing, where officials could share more information with lawmakers about when they became aware of the attack and how many people were affected.
The scrutiny highlights some of the questions that remain as the IRS investigates the attack, through which criminals used the “Get Transcript” tool on the IRS Web site to download old tax returns. Could the agency have done something to prevent the leak? And will the steps the IRS is taking, such as offering credit monitoring services, be enough to protect taxpayers who had some of their most sensitive information accessed by the criminals?
IRS Commissioner John Koskinen said on Tuesday that the agency is still investigating the attack and that officials would work to find ways to make it more difficult for criminals to pose as taxpayers. He said the agency believed that the tax information was stolen so that the criminals could file fraudulent tax returns and steal refunds.