The latest tally was uncovered during a nine-month investigation of the “Get Transcript” application, leading back to when it was launched in January 2014. The agency said Friday that the review showed criminals made even more attempts to steal tax returns through the tool by using personal details that may have been stolen somewhere else, such as a taxpayer’s Social Security number and home address.
This is the second update from the IRS about how many taxpayers were affected by the vulnerability on its website, following an announcement in August. When the IRS first reported the issue in May, it said 114,000 taxpayers may have had their tax data compromised. In August, it bumped the total up to about 330,000.
Identity theft has been a growing area of concern for the IRS after an apparent surge in tax fraud last year. The number of identity theft complaints filed with the Federal Trade Commission grew by more than 50 percent in 2015 from the year before, due primarily to an increase in tax-related fraud.
Criminals are upping their efforts to collect personal information from taxpayers to be able to file phony tax returns that look more legitimate in an effort to cash in on lucrative refunds. By obtaining previous tax returns, identity thieves can access a taxpayer’s most sensitive financial information, including details about their jobs, salaries, investments and even their children’s names.
The IRS said it is working with tax software companies and state tax officials to share information about suspicious filings to help catch fraud as it happens. The agency will start mailing notices to the affected taxpayers Monday. Victims will also get free identity theft protection services and new identification numbers from the IRS that are meant to make it more difficult for criminals to file false returns in their name.