WASHINGTON, Feb. 27 (UPI) — An additional 390,000 taxpayer accounts may have been compromised after cyber criminals fraudulently accessed personal information, the Internal Revenue Service announced Friday.
The new number increases the amount of suspected targets to 720,000 since the discovery of a data breach in 2015.
In a statement released Friday, the IRS said it would notify the victims and offer them free identity-theft protection services. The news comes after a nine-month investigation, the IRS said.
“The IRS is committed to protecting taxpayers on multiple fronts against tax-related identity theft, and these mailings are part of that effort,” IRS Commissioner John Koskinen said Friday.
In May, the IRS said cyber criminals used the new “get transcript” tool on the agency’s website to access years of transcript history from people whose personal information they had stolen elsewhere.
Taxpayers used the tool to download about 23 million transcripts in its first few months of use at the beginning of 2015, the agency said. It used extensive security measures to keep out cyber criminals, such as asking for Social Security numbers, addresses and birthdays.
The agency said criminals used previously obtained identity information in order to trick the online tool, which been suspended since the launch of the investigation in May 2015.
Initially, the IRS reported 114,000 accessed taxpayer accounts, with an additional 111,000 accounts targeted but not accessed.
In August, they identified 220,000 more suspected compromised accounts and about 170,000 others which were unsuccessfully accessed.
“We appreciate the work of the treasury inspector general for tax administration to identify these additional taxpayers whose accounts ay have been accessed. We are moving quickly to help these taxpayers,” Koskinen said.