Today's hackers are largely opportunists. So it's no surprise that the IRS is dealing with an onslaught of attacks from a variety of angles.

Most recently, the tax agency announced it had fended off a botnet attack on the E-file system that attempted to create artificial PINs for stolen Social Security numbers.

In January, IRS security officials detected the use of some 464,000 different Social Security numbers attempting to create new PINs using an automated script. The botnet was able to access PINs for about 101,000 taxpayer accounts, however it does not seem as though any sensitive information was stolen.

"IRS cybersecurity experts are currently assessing the situation and the IRS is working closely with other agencies and the Treasury Inspector General for Tax Administration," the agency said in a Feb. 9 statement. "The IRS also is sharing information with its Security Summit state and industry partners."

The IRS stressed that it successfully blocked the attack and no taxpayer data was exfiltrated or compromised. The agency also noted the stolen data leveraged to initiate the attack was not taken from IRS databases.

Despite this, IRS officials are taking steps to alert taxpayers whose information was used in the attack.

"The IRS also is taking immediate steps to notify affected taxpayers by mail that their personal information was used in an attempt to access the IRS application," according to the IRS statement. "The IRS is also protecting their accounts by marking them to protect against tax-related identity theft."

The agency said the botnet attack was not related to a hardware malfunction reported last week that took several popular apps offline for a time. Nor is it related to a more significant breach last year, which compromised information on some 500,000 taxpayers.

Aaron Boyd is an awarding-winning journalist currently serving as editor of Federal Times — a Washington, D.C. institution covering federal workforce and contracting for more than 50 years — and Fifth Domain — a news and information hub focused on cybersecurity and cyberwar from a civilian, military and international perspective.

Share:
More In Cyber