IRS Data Breach Unfortunate In Many Ways – PIN?

Hacker typing on a laptop with binary code in background

The IRS news release that its “Get Transcript” web tool was hacked is distressing in many ways. First, of course, is the exposure of highly sensitive taxpayer data – apparently of about 100,000 taxpayers, with attempts on about 200,000 accounts. Additional concern is the the possibility of modernizing tax compliance is harmed. I have often suggested that tax compliance for many taxpayers (with fairly straightforward tax computations), should be as easy as buying something from

Sounds like greater security hardware and software is needed. Why not use a PIN as it is used to access bank data and use credit cards? Would that help?

Are stricter laws needed to punish hackers?

What do you think?

Original Post By:  Annette Nellen

Annette Nellen, CPA, Esq., is a professor in and director of San Jose State University’s graduate tax program (MST), teaching courses in tax research, accounting methods, property transactions, state taxation, employment tax, ethics, tax policy, tax reform, and high technology tax issues.

Annette is the immediate past chair of the AICPA Individual Taxation Technical Resource Panel and a current member of the Executive Committee of the Tax Section of the California Bar. Annette is a regular contributor to the AICPA Tax Insider and Corporate Taxation Insider e-newsletters. She is the author of BNA Portfolio #533, Amortization of Intangibles.

Annette has testified before the House Ways & Means Committee, Senate Finance Committee, California Assembly Revenue & Taxation Committee, and tax reform commissions and committees on various aspects of federal and state tax reform.

Prior to joining SJSU, Annette was with Ernst & Young and the IRS.

Twitter LinkedIn 

One comment

  1. James Kronenberg says:

    Although I have no computer security credentials, I remain unconvinced that adding PIN is the answer given its usefulness to seems limited to plastic card security. This breach to IRS “Get Transcripts” appears on surface to have succeeded for hackers only because “insider” assistance involved (of course, not admitted by IRS) given challenge questions were compromised. Why not consider security measures used by EFTPS for this “Get Transcripts”app ?

Leave a Reply

Your email address will not be published. Required fields are marked *

13 − 12 =