The US tax authority has pointed the finger at Russian hackers for compromising tax records belonging to 100,000 people, according to sources that spoke to the American broadcaster CNN.
Official spokesmen for the Internal Revenue Service (IRS), which is responsible for collecting taxes, declined to comment on the source of the breach after confirming the scale of the attack, which it claims began after hackers collected taxpayer data from external sources.
However people allegedly briefed on the data theft told CNN that the attack originated in Russia, which has long been linked to international cybercrime because of lax attitudes, and in some cases wilful ignorance, among the country’s police.
Such accusations follow a pattern of increasingly common public accusations of hacking from governments around the world, with Iran being only the latest country to accuse an enemy – in this case the US – of attacking its systems through the Internet.
Commenting on the attack, Ken Westin, senior security analyst at the cybersecurity vendor Tripwire, said: "We live in a world where the Internet has become a database of ‘you’ and where one data breach can easily feed another.
"According to the IRS, the data came ‘from questionable email domains’ and at a high velocity of requests. The information that was used to bypass the security screen."
Logging into the IRS’ online service requires knowledge of a person’s social security number, date of birth, tax filing status and street address, as well as other personal information that should only be known by the taxpayer.
As a result of the breach the tax authority will contact 200,000 people who own accounts that the hackers attempted to access, though the IRS insisted that half of these attempts failed.
The other half affected by the breach will receive free credit monitoring services from the IRS, and their accounts will be flagged for further monitoring of potential identity theft until 2016.
