Posted by & filed under Fraud, IT Security.

WileyBlog

According to the IRS, a “sophisticated” organized crime syndicate used the IRS website to steal tax forms full of personal financial information on 104,000 taxpayers, the IRS agency said Tuesday.

Source: CNN

Date: May 26th, 2015

 

Link: http://money.cnn.com/2015/05/26/pf/taxes/irs-website-data-hack/index.html

Discussion

1) The IRS calls this a “sophisticated” organized crime syndicate doing this. The article says the IRS “website provided a service called “Get Transcript.” It’s an easy way to download several years of tax forms for tasks like applying for a mortgage, or college financial aid.” Does this sound like you would need to be “sophisticated” to do this hack?

2) The IRS detected the hack because it “spotted an odd flood of computer traffic and initially thought its website was facing a cyberattack to block its services. But on further investigation, it discovered that the slew of requests were pulling data from its “Get Transcript” service and the agency immediately cut off communication.” Should this really have required “further investigation” and how do you differentiate between a Denial of Service attack and just a lot of people getting data through an app?

Leave a Reply

Your email address will not be published.