With every new data breach is the release of a little bit more personal information. Combined, that knowledge can be enough for hacker to impersonate someone.
If you can’t trust the government to keep your data safe, who can you trust?
Thousands of U.S. taxpayers are anxiously waiting to find out if thieves had accessed their personal and financial data after the Internal Revenue Service said Tuesday that a “sophisticated” organized crime syndicate had targeted one of its online tools.
The thieves accessed records on more than 104,000 taxpayers, which were used to claim refunds totaling no more than $50 million—many of which had later been voided.
IRS commissioner John Koskinen played down the data leak. “Our basic information is secure,” he said at a Tuesday press conference. “This is just the latest manifestation of people getting enough data to masquerade as a taxpayer.”
Though a massive amount of data were leaked, IRS systems were not breached. The agency said in a statement that late last week, thieves flooded the tax agency’s online “get transcript” tool—where taxpayers can download their past tax records, often to use in mortgage or loan applications—with valid taxpayer information. A lapse in how the tool checked user identities meant that the tool accepted some basic personal information, such as a Social Security number, date of birth, and address, along with personal questions you might not think twice about, such as your mother’s maiden name and where you went to high school.
Read more at FORTUNE