The criminals gained access to the IRS through a new system called “Get Transcript,” which allows taxpayers to go online and get years’ worth of their own tax records. Mr. Koskinen said the perpetrators used information they already knew about taxpayers to fool the system into believing it was the taxpayer logging in, and then stole the transcripts with even more information.
In thousands of instances the criminals turned around and used that same information to file fraudulent returns, stealing potentially close to $50 million from the government.
“This is not a security breach. Our basic information is secure,” Mr. Koskinen insisted in a call with reporters to discuss the theft, which had gone on for months — dating back to February — but was only caught last week.”