The US Internal Revenue Service was the target of a malware attack that netted electronic tax-return credentials for 101,000 social security numbers, the agency disclosed Tuesday.
Identity thieves made the haul by using taxpayers' personal data that was stolen from a source outside the IRS, according to a statement. The attackers then used an automated bot against an application on the IRS website that provides personal identification numbers for the electronic filing of tax returns. In all, the hackers made unauthorized queries against 464,000 social security numbers but succeeded against only 101,000 of them.
No personal information was obtained from the IRS systems. Agency officials are flagging the accounts of all affected taxpayers and plan to notify them by mail of the incident. The IRS is also working with other government agencies and industry partners to investigate the hack or stem its effects. The hack occurred last month.