Mar 14, 2019

Tax season is predicted to have fewer breaches in data

Illustration of IRS logo with lock

Illustration: Sara Grillo/Axios

With tax day rapidly approaching, it's beginning to look like this tax season will show a sharp decline in breaches swiping data used to file fake tax returns. Risk Based Security (RBS), a cybersecurity group that monitors breach notifications, has tracked only 5 reports of theft of tax data this season, down from around 40 in the whole of last year's tax season and 230 the year before.

Why it matters: While the number of tax-document-related breaches has been on the decline for a while, it's still surprising to see such a rapid drop, even after the number had plummeted into the double digits.

"It's always interesting to see something that was so successful drop off," said RBS executive vice president Inga Goddijn.

Details: The RBS numbers are interesting.

  • The number RBS tracks tallies how often companies told regulators that hackers stole employee information, like W-2 payment forms, in apparent attempts to scam the IRS with fake tax returns to obtain tax refund checks. It is a good indicator of how often hackers are attempting these kinds of thefts.
  • Of course, not all thefts are reported or are even discovered by the companies. And since the number of people who work at a company varies, it's hard to draw conclusions about total victims from the number of companies breached.
  • Tax season isn't done yet, and RBS anticipates the final number of reported breaches will be more than 5.

By the numbers: RBS isn't the only group seeing a downward trend. The IRS hasn't released information for this season yet, but noted in 2018, through October:

  • Reports of identity theft had dropped 17% since 2017 and 72% since 2015. ("We've seen dramatic declines in identity theft since 2015," said IRS commissioner Chuck Rettig at a security summit in December.)
  • Financial institutions flagged 66% fewer checks from the IRS as likely to be the fruit of scams.

The intrigue: Typically, when one type of cybercrime goes down, another type goes up — if you prevent one way of exploiting people, hackers move on to another. But RBS hasn't found a corresponding rise in any other field.

Experts don't see a clearcut reason for the decline, but there are some spitball-able theories.

  • The IRS has gotten better at detecting fraud during the refund process, before checks are mailed, which may remove the incentive to steal W2 information in the first place.
  • Employers may have gotten more aware about protecting employee information.
  • The scam could have changed into something harder to detect or less clear to report.
  • Scammers behind major schemes may have been arrested for other crimes.

To be sure: None of this is an excuse to stop protecting yourself or your employees.

  • Michael Bruemmer, vice president of data breach resolution at Experian, noted, "Businesses should not let their guard down and continue to stay vigilant throughout the year for all kinds of threats such as phishing scams and malware attacks."
Go deeper