In a move that has not gotten a great deal of press, the Internal Revenue Service suffered a data breach. Apparently, the electronic assailants (thought to be from Russia) hacked into a data storage unit. As you might suspect, the Internal Revenue Service stores all manner of information, including past tax returns and all the information that goes into those tax returns. Obviously, this includes not only your W-2’s, but also your date of birth, social security number, and other personal information. Of course, also included in the data would be any financial institution that has paid you interest.
Essentially, the hackers have all the information that anyone might need to contact your financial institution and cause mayhem.
The reason I know all of this is taking place is because of a letter I got a couple of weeks ago from the IRS. Essentially, they wanted to know if the return I had recently filed was, in fact, mine. Sadly, I had not yet filed my taxes. The return was not mine. Someone had taken my past taxes and used the information thereon to create a fraudulent tax return that was passable enough that the IRS wasn’t sure if it is bona fide or not.
My wife ended up spending about an hour on the phone with the IRS going over personal information to confirm our identities.
I have recently been contacted by a bank (that I don’t use) about a loan “I had applied for”. The application included all of the particular information you might need for a loan, including my date of birth and social security number. There were just some oddities about the loan, which had been submitted electronically, which didn’t add up to the young lady about to approve this thing. It was a scam. Thankfully, she contacted me and I was able to nip that in the bud.
Because there is no way to know if you were caught up in the IRS data breach, I would urge you take immediate action. Contact each of your financial institutions. It is possible to put a code word on your accounts to prevent electronic transfers (at least, without the password). I would urge you to do this for each and every financial institution with which you do business. Don’t forget your retirement accounts, and investment houses. Additionally, I would urge you to enroll in a real time credit monitoring service, such as LifeLock or MyFico. For what it is worth, it appears that I’m going to have to do this for the rest of my life. Or, at least until some other form of identification is required for electronic transactions.
Identify theft is a growing problem. I would urge you to take steps to protect yourself immediately.