Data breaches at the IRS that allowed hackers to gain access to the personal data of tens of thousands taxpayers and divert tax refunds have resulted in new safeguards for data security at the agency, officials announced Thursday. The safeguards were discussed in a March meeting among private industry representatives and government officials. But one of the most recent breaches occurred last month when hackers used the personal information of more than 100,000 people to access their tax data and stole $39 million in fraudulent returns.
The new safeguards will bring in a rigorous identity verification process for releasing personal information online and broader efforts to find fraud in the system. The IRS will team up with tax preparation firms as the safeguards are developed.
“For the first time, everyone in the software industry will share aggregated details about their filings to help us all identify fraud,” said John Koskinen, the IRS commissioner, according to the New York Times.
At the beginning of this month, Koskinen had confirmed that of the 100,000 accounts that were breached last month, just 13,000 had been flagged as having successfully received returns from the breaches. Many of the accounts had already filed their taxes and received a return, according to the Washington Examiner.
The IRS is planning on making the changes to the system in a permanent way that Koskinen said is akin to changing the DNA of the tax security process. Over the summer, the safeguards will begin to be implemented, and the whole system is expected to be reformed by next year’s tax filing.
Also this week, a massive breach in the records of federal government workers laid bare the vulnerabilities of other government databases and digital presences. The breach affected 4 million federal employees, and was the most recent in a series of embarrassing data breaches for the U.S. government.