Generic selectors
Exact matches only
Search in title
Search in content
Post Type Selectors


GOLDMAN SCARLATO & PENNY, P.C. Investigates IRS Data Breach

GSP, P.C. is investigating a possible claim on behalf of taxpayers in connection with the recent announcement that personal data of approximately 104,000 taxpayers has been stolen via the IRS “Get Transcript” online system. Get Transcript allows a taxpayer to use the IRS website to download tax forms that the taxpayers might need for other purposes like applying for a mortgage or college financial aid.

According to CNN Money, IRS Commissioner John Koskinen believes that the true mission of the fraudsters was to gather vast amounts of personal information. Armed with that information, fraudsters can open bank accounts, credit lines and steal tax refunds in the future. CNN Money reported that last week, the IRS spotted an odd flood of computer traffic and initially thought its website was facing a cyberattack to block its services. But on further investigation, it discovered that the slew of requests were pulling data from its “Get Transcript” service and the agency immediately cut off communication.

According to the IRS, “In all, about 200,000 attempts were made from questionable email domains, with more than 100,000 of those attempts successfully clearing authentication hurdles.” The criminals were successful in stealing personal data because they had previously stolen Social Security numbers, birthdays, addresses and other information. In addition, they were able to answer personal identity verification questions.

With the stolen information, about 15,000 of the downloaded forms were successfully used to steal tax refunds to the tune of $50 million.
According to a May 31, 2015 article in the Dallas Morning News by business columnist Pamela Yip, the IRS data breach has caught the attention of congress. The article quoted Sen. Orrin Hatch, R-Utah, chairman of the Senate Finance Committee who stated: “That the IRS – home to highly sensitive information on every single American and every single company doing business here at home – was vulnerable to this attack is simply unacceptable. What’s more, this agency has been repeatedly warned by top government watchdogs that its data security systems are inadequate against the growing threat of international hackers and data thieves. ”

According to the Dallas Morning News, the Senate Finance Committee will hold a hearing on June 2, 2015 on the IRS data breach, and one of the factors the IRS will likely bring up is budget cuts. The article referred to a January message to IRS employees from Commissioner Koskinen who said that budget cuts will mean delays to “critical IT investments” of more than $200 million. “This means that new taxpayer protections against identity theft will be delayed,” he said.

The obvious question that follows is from where did the criminals steal the prior personal data used to access Get Transcript? The answer may never be known, but some are looking to the recent major data hack at TurboTax, and similar data breaches at Target, Anthem, Inc. and Premera Blue Cross. For the record, Koskinen said there is “no indication there is any connection” to the recent data breaches.

Technically, the IRS does not consider this a data hack. “This is just the latest manifestation of people getting enough data to masquerade as a taxpayer,” Koskinen said. By gathering the personal information, the criminals would be able to steal tax refunds in the future, in addition to other personal identity crimes such as opening bank accounts and establishing credit lines.
According to CNN Money, the IRS has temporarily shut down Get Transcripts while it upgrades security. In addition, the IRS will notify the 200,000 affected taxpayers by mail and are offering a credit protection program to them. The IRS is also “offering a secure PIN to the 104,000 whose tax forms the IRS is sure were exposed. It’s not offering that protection to the other 100,000 people — even though they arguably need it too (given that criminals already have their Social Security numbers and can already claim tax refunds in their names).”
According to the Government Accountability Office (GAO) tax refund fraud last year reached nearly $6 billion from both state and federal thefts. According to, the game changed this year, “fraudsters changed their tactics, leading to a huge spike in attempted fraudulent refund requests — particularly at the state level.” The Wall Street Journal noted that “In February, Utah state tax officials found that a few fraudulent 2014 state returns closely resembled 2013 returns. The similarities made the fraud harder to detect and suggested that scammers had access to the taxpayers’ 2013 returns.”

The grave concern is what will these fraudsters do next? The IRS stated that the stolen tax filings may have been gathered, “with an eye toward using them for identity theft for next year’s tax season.”

If you have been notified by the IRS that your information was stolen through Get Transcript, please contact a GSP attorney to learn more about your rights. GSP attorneys are actively litigating data breach actions against Community Health Systems, Anthem, Premera and Target. Please contact Mark Goldman at [email protected] or Paul Scarlato at [email protected] or call (484) 342-0700 with any questions you may have.

In our legal system, every person is innocent until and unless found guilty by a court of law or a tribunal. Whenever we reference “allegations” or charges that are “alleged,” such allegations or charges have not been proven, and are merely accusations, not findings of fault, as of the date of the blog. We do not have, nor do we undertake, a duty to continue to monitor or follow cases about which we report, and/or to publish subsequent updates regarding various developments that may occur in such cases. Readers are encouraged to conduct their own research regarding any such cases and any developments that may or may not have occurred in such cases. Also, the brokercheck report linked to some of our blogs is the up-to-date version as of the date of accessing. Visitors may check the most recent version of each brokercheck report at

Leave a Reply