Skip to content
  1. Newsroom
  2. Press Releases

Rounds Sends Letter to IRS Commissioner Concerning Taxpayer Identity Theft

PIERRE—U.S. Senators Mike Rounds (R-S.D.) and Jeff Merkley (D-Ore.), members of the Senate Banking Committee, today sent a letter to Internal Revenue Service (IRS) Commissioner John Koskinen raising concerns about a cyber hack into the IRS’ Identity Protection (IP) Personal Identification Number (PIN) program which potentially exposed the personal information of 130,000 taxpayers. The letter asks Commissioner Koskinen to explain what the IRS is doing to help tax fraud victims, what it is doing to upgrade the IP PIN program and what it is doing to combat taxpayer fraud.

“As you are aware, taxpayer identity theft fraud occurs when a criminal obtains the name and social security number from an unsuspecting taxpayer,” wrote the senators. “The thief files a fraudulent, often inflated, tax return in an effort to steal the rightful taxpayers’ refund. Often taxpayers only become aware of the fraud when they attempt to file a legitimate tax return and discover a return has been filed and a refund issued in their name. For many Americans, being cheated out of their refund is financially devastating.”

“The IRS response to this predatory problem should not just include reactive programs, initiatives designed to help taxpayers already victims of tax refund fraud, but the IRS should also consider proactive measures to protect all tax filers before tax identity theft occurs. The rising total of data breaches, increasing the availability of personal information to individuals with criminal intent, necessitates the need for the IRS to create effective programs to preemptively stop tax identity theft.”

Full text of the letter:

April 8, 2016

John Koskinen
Commissioner
The Internal Revenue Service
111 Constitution Avenue, NW
Washington, DC 20224

Dear Commissioner Koskinen,

We are deeply concerned about the growing number of cases involving taxpayer identity theft and write regarding the Internal Revenue Service’s (IRS) efforts to combat this problem facing our constituents and Americans across the country. 

As you are aware, taxpayer identity theft fraud occurs when a criminal obtains the name and social security number from an unsuspecting taxpayer. The thief files a fraudulent, often inflated, tax return in an effort to steal the rightful taxpayers’ refund. Often taxpayers only become aware of the fraud when they attempt to file a legitimate tax return and discover a return has been filed and a refund issued in their name. For many Americans, being cheated out of their refund is financially devastating. 

In recognition of the growing threat of taxpayer identity theft, the IRS created the Identity Protection (IP) Personal Identification Number (PIN) program, a six-digit number issued by the IRS to confirmed victims of identity theft. Once an IP PIN has been issued, it must be included when filing tax returns or the application will be rejected. Given that the IP PIN was a tool meant to help taxpayers, we were distressed to learn that the IRS was forced to suspend the program due to security failures related to online retrieval of IP PINs.[1] 

In March, the IRS admitted that more than 130,000 IP PIN accounts could have been compromised and in that same release, the IRS also stated that it has stopped 800 fraudulent returns connected. This is a step in the right direction, but clearly more needs to be done to protect the more than 130,000 tax accounts that may be at risk.

The IRS response to this predatory problem should not just include reactive programs, initiatives designed to help taxpayers already victims of tax refund fraud, but the IRS should also consider proactive measures to protect all tax filers before tax identity theft occurs. The rising total of data breaches, increasing the availability of personal information to individuals with criminal intent, necessitates the need for the IRS to create effective programs to preemptively stop tax identity theft.

Taxpayer identity theft is a growing problem for the IRS. According to a 2014 Government Accountability Office report, the IRS paid out $5.8 billion in fraudulent tax returns due to taxpayer identity theft in the 2013 tax year. As of September 30, 2015, the IRS handled over 600,000 tax identity theft cases, a 150% increase since 2014.

To combat this problem, the IRS must make certain that taxpayer information and refunds are kept secure against the growing threat of taxpayer identity theft. To that end, we request the IRS respond to our questions regarding their efforts to tackle this damaging practice:

  1. What extra scrutiny is the IRS giving to the returns of the 130,000 impacted taxpayers to stop the processing of fraudulent tax returns?
  2. What assistance is the IRS providing to taxpayers whose information has been compromised?
  3. According to Treasury Inspector General for Tax Administration, IP PIN applications relied on single-factor authentication, leaving taxpayer information vulnerable to cyber criminals. Is the IRS considering implementing a stronger authentication process? If so, what type of stronger identification process is the IRS considering? If not, why not? 
  4. In addition to authentication, is the IRS considering modifications to the IP PIN program specifically to secure sensitive personal information and fight taxpayer identity theft? If so, what modifications are being considered? If not, why not?
  5. Is the IRS considering other measures to ensure unscrupulous individuals do not access, or are able to obtain, taxpayer information in order to cheat the taxpayer and the tax system? 
  6. What steps is the IRS taking to proactively fight taxpayer identity theft generally so that taxpayers do not lose their refunds to fraudulent filers?

We appreciate your attention to this issue and hope you will address deficiencies in protecting consumers by issuing the strongest security measures to safeguard taxpayer information and taxpayer dollars. 

Sincerely,

###

 

Related Files
  1. Rounds, Merkley Letter to IRS Commissioner
Previous Article
Next Article