The U.S. Internal Revenue Service (IRS) revealed that the breach of its database revealed in May was much more extensive than previously thought, with nearly three times as many taxpayers hit by data theft.
The IRS said in late May the tax return information of about 114,000 U.S. taxpayers had been illegally accessed by cyber criminals over the preceding four months, with another 111,000 unsuccessful attempts made.
A new review has identified 220,000 additional incidents where data was breached, the tax collection agency said. It identified another 170,000 suspected failed attempts by third parties to gain access to taxpayer data.
The attackers sought to gain access to personal tax information through the agency’s “Get Transcript” online application, which allowed taxpayers to call up information from previous returns. The system was shut down after the May attacks.
The IRS believes some of this information may have been gathered for potentially filing fraudulent tax returns during the upcoming 2016 filing season
It added that it will soon begin mailing letters in the next few days to the taxpayers whose accounts may have been accessed, offering them free credit monitoring and a new personal identification number to verify the authenticity of next year’s tax returns.