The IRS says the thieves were able to access the information using a “Get Transcript” API. They were able to clear security screens requiring the person’s Social Security Number, date of birth, tax filing status and street address.
The IRS told the AP that about 200,000 attempts were made from “questionable email domains,” and 100,000 of these were successful. It also notes it’s a small portion of the 23 million transcripts that were legitimately downloaded, but a 50 percent success rate for the thieves is not very encouraging.
On the other hand, the IRS suggests the thieves already had plenty of information on the victims, given the answers needed to get past the authentication process.
The hacks happened from February to mid-May. The Get Transcript service has temporarily been shut down, and the agency is contacting taxpayers who may have had their information compromised.