The Internal Revenue Service developed an identity protection tool designed to eliminate tax return fraud. It added an extra layer of security for taxpayers who are at higher risk of becoming the victims of fraud because of personal information leaked in commercial data breaches. Apparently, this new tool didn’t work out the way the IRS intended. The new tool now has been shut down because of security problems.
A recent attack on the IRS.gov website that resulted in the breach of an IRS contractor’s system — exposing 101,000 taxpayers’ Social Security numbers and other data — prompted an IRS security review. The agency found that the online tool allowing taxpayers to reset their IP PIN wasn’t secure enough to ensure the identity of the person doing the resetting. In a statement published on the IRS’ site, an agency spokesperson said that the IRS is “looking at further strengthening the security features of the tool.”
Details may be found in an article by Sean Gallagher in the Ars Technica web site at http://goo.gl/THBDtd.