Latest Breaking News

Omaha Steve

(99,494 posts) Tue May 26, 2015, 04:30 PM May 2015

APNewsBreak: IRS says thieves stole tax info from 100,000

Source: AP-Excite

By STEPHEN OHLEMACHER

WASHINGTON (AP) — Thieves used an online service provided by the IRS to gain access to information from more than 100,000 taxpayers, the agency said Tuesday.

The information included tax returns and other tax information on file with the IRS.

The IRS said the thieves accessed a system called "Get Transcript." In order to access the information, the thieves cleared a security screen that required knowledge about the taxpayer, including Social Security number, date of birth, tax filing status and street address.

"The IRS notes this issue does not involve its main computer system that handles tax filing submission; that system remains secure," the agency said in a statement.

FULL story at link.

Read more: http://apnews.excite.com/article/20150526/us--irs-breach-175f4a63b7.html

14 replies

= new reply since forum marked as read

Highlight:

APNewsBreak: IRS says thieves stole tax info from 100,000 (Original Post) Omaha Steve May 2015 OP

I feel so much better knowing onethatcares May 2015 #1

Oh, well, as long as our personal is secure--except for the personal info they control that isn't. valerief May 2015 #2

Will we be notified? a kennedy May 2015 #3

if you jackasses want my personal information so bad . pay me $15.00 a shot . i hope you guys swing allan01 May 2015 #4

Lovely. I used the "Get Transcript" service a couple of months ago. lady lib May 2015 #5

if someone gets ahold of your SocSec number, your financial security is seriously compromised 0rganism May 2015 #6

The problem isn't the social security number, it is systems that use to verify your identity. Thor_MN May 2015 #8

using SSN as UID is a security mistake, too Psephos May 2015 #11

Ridiculous. It is nothing more than a unique ID for a US citizen. Thor_MN May 2015 #12

read this for a concise explanation of why Psephos May 2015 #13

I suggest you read it, it says the same thing that I did. Thor_MN May 2015 #14

I guess the NSA and Patriot Act doesn't protect us where it counts. L0oniX May 2015 #7

What is the "Get Transcript" service. When would one use it? Hoppy May 2015 #9

I was one of them GusBob May 2015 #10

onethatcares

(16,161 posts)

1. I feel so much better knowing

Reply to Omaha Steve (Original post)

Tue May 26, 2015, 04:35 PM

May 2015

"the IRS notes this issue does not involve..................................................; that system remains secure".

I mean who else ya gonna trust in these matters?

valerief

(53,235 posts)

2. Oh, well, as long as our personal is secure--except for the personal info they control that isn't.

Reply to Omaha Steve (Original post)

Tue May 26, 2015, 04:39 PM

May 2015

a kennedy

(29,615 posts)

3. Will we be notified?

Reply to Omaha Steve (Original post)

Tue May 26, 2015, 05:01 PM

May 2015

allan01

(1,950 posts)

4. if you jackasses want my personal information so bad . pay me $15.00 a shot . i hope you guys swing

Reply to Omaha Steve (Original post)

Tue May 26, 2015, 05:34 PM

May 2015

get a real job

lady lib

(2,933 posts)

5. Lovely. I used the "Get Transcript" service a couple of months ago.

Reply to Omaha Steve (Original post)

Tue May 26, 2015, 06:24 PM

May 2015

I wonder if the IRS will let me know if I'm one of the unlucky 100,000.

0rganism

(23,927 posts)

6. if someone gets ahold of your SocSec number, your financial security is seriously compromised

Reply to Omaha Steve (Original post)

Tue May 26, 2015, 07:33 PM

May 2015

"In order to access the information, the thieves cleared a security screen that required knowledge about the taxpayer, including Social Security number, date of birth, tax filing status and street address."

once a thief has your SocSec number and can associate it with your legal name, the rest is relatively simple.

Thor_MN

(11,843 posts)

8. The problem isn't the social security number, it is systems that use to verify your identity.

Reply to 0rganism (Reply #6)

Tue May 26, 2015, 09:58 PM

May 2015

Said another way, the social security number is your UserID, it should NEVER be used as a password. If anyone requests your SSN or part of it to verify your identity, you should tell them that is not acceptable. Use it as my account number and I don't care. Use it as my password, and I have major issues.

If anyone wants your SSN, it's out there. Don't allow it to be used as a password, to verify your identity.

Psephos

(8,032 posts)

11. using SSN as UID is a security mistake, too

Reply to Thor_MN (Reply #8)

Wed May 27, 2015, 12:10 AM

May 2015

SSN should never be used except under force of law. Crypto 101.

Thor_MN

(11,843 posts)

12. Ridiculous. It is nothing more than a unique ID for a US citizen.

Reply to Psephos (Reply #11)

Wed May 27, 2015, 07:40 AM

May 2015

What are you going to do, assign each person a different random number for every transaction? Real World 101.

Psephos

(8,032 posts)

13. read this for a concise explanation of why

Reply to Thor_MN (Reply #12)

Wed May 27, 2015, 03:35 PM

May 2015

http://www.theverge.com/2012/9/26/3384416/social-security-numbers-national-ID-identity-theft-nstic

Thor_MN

(11,843 posts)

14. I suggest you read it, it says the same thing that I did.

Reply to Psephos (Reply #13)

Wed May 27, 2015, 06:54 PM

May 2015

It talks about using the SSN to validate someone's ID, i.e. as a password. As a userID it isn't anymore reavealing than your name and address. The danger is when it is used as a password.

"The SSN is the ultimate password because it’s always the same, whether you’re talking to your bank or your doctor, and so many companies use it to authenticate customers over the phone."