OPM & IRS Data Breaches

June 23rd, 2015

Reprinted from the US Dept of Homeland Security 'Stop.Think.Connect.' June 2015 Update

Two data breaches at the Internal Revenue Service (IRS) and the Office of Personnel Management (OPM) have grabbed national headlines in the recent months, once again putting the importance of cybersecurity in the forefront of American’s minds.

The OPM revealed in June that personally identifiable information of four million federal employees may have been compromised in what appears to be one of the largest cyber breaches in history of federal employee data. OPM released a statement on this issue here and will be sending out letters to all individuals whose personal information was potentially compromised in the data breach and offer free credit monitoring and identity theft insurance to all of those affected. For more information on these services visit, www.csid.com/opm and by calling toll-free 844-222-2743.

It was also recently discovered that a data breech at the IRS revealed sensitive tax return data of over 100,000 taxpayers through the IRS “Get Transcript” application. Beginning in February, cyber criminals gained unauthorized access to the data which included social security numbers, dates of birth, and street addresses. The criminals then used the stolen data to file fraudulent tax returns.

The IRS released a statement on the incident here with more information. The agency will be sending a letter to all the taxpayers whose accounts were accessed to notify them and will provide free credit monitoring services for all of those affected. The letters will include additional details for taxpayers about the credit monitoring and other next steps.

What should you be on the lookout for?

  • Check your bank and credit card statements closely. Oftentimes, the hackers will use the stolen information to run up bills in the names of the people’s information that they stole.
  • Be wary of suspicious emails, letters, calls, or texts from people asking for your personal information. Cyber criminals will often reach out to their victims in an attempt to gain their personal information, sometimes claiming they need the information to help clear up the problem. In their statement, the IRS emphasized that they “will not request any personally identifiable information from taxpayers.”

For more information about how to protect yourself online, please visit dhs.gov/stopthinkconnect