No, this post has nothing to do with Tina Fey’s new movie. I even considered using a term I learned when I was about 7. the headline on the (then ultraliberal, now ridiculously conservative) New York Post that read ‘SNAFU’. And, when I confronted my dad to define the term for me, there was a great deal of hemming and hawing, until he came up with ‘Situation Normal, All Fouled Up’. (By now, i am sure you’ve discerned the true definition of the term.)
Which clearly explains the situation at the IRS right now.
Over the last few years, way too many folks had their identities compromised. Had their social security numbers, dates of birth, and names be submitted with false tax returns, affording the criminal element with ready cash from the IRS. These ‘lucky’ ones find out their identities have been hacked when they or their tax advisors submit their tax returns, only to obtain a response telling them they already filed and got their refund. (I have written extensively about this problem. Here’s just the latest sample.)
And, after extensive reporting and documentation , the IRS ‘clears’ up the problem, and more often than not, issues an IP PIN, a 6 digit additional code to be used when submitting one’s tax returns, To make it impossible (sic) for their identity to be hacked again.
You ask how this scenario is possible? It’s really simple.
It turns out that a whole bunch of the hacked folks were duped (or lost in space) when a supposed IRS agent called them to ‘verify’ their tax data. And these folks spouted their dates of birth, social security number, and (often enough) their adjusted gross income. All of which enable even the feeblest criminal free reign to file false tax returns.
About 3/4 million more lost their identity via a ‘benefit’ that was offered on the IRS website a few years ago. Any individual could request a tax transcript from the IRS, by providing a few salient facts. (One can still obtain transcript, but they no longer appear online, and are mailed to the address on file with the IRS.)
Given these facts, one would hope that the IRS would employ different practices to ensure the security of thenewly issued IP PIN’s.
Well, Bless your heart, IRS man (or woman). (If you have never lived in the South, I suggest you Bing or Google the expression to find its true meaning.)
You guessed it. In case you forgot the 6 digit number assigned to you by the IRS when you were hacked, the IRS provided a simple solution (as in Simple Simon) to obtain it. All you had to do was visit the IRS site, plug in your name, address, social security number, date of birth, and a piece or two of other information clearly findable on the web, and voila! Your 6 digit security PIN would appear.
And, I’m sure you guessed what happened next. The 6 digit PINs have been hacked.
And, you wonder why folks like me don’t want the Feds to get free access to my phone data.
HOT OFF THE PRESS: Since I wrote this blog- but before it posted (I do have a long queue, thankfully)- the IRS has suspended the PIN program as it was constituted. With what I consider to be a dirty band-aid over the open and festering wound. But, it’s all that is available right now.
If you were issued a PIN and lost your CP01A letter (really? that’s the sort of thing that needs to be scanned in and saved in multiple locations folks!!!), you must call the IRS. (That also means you need to be on the phone for hours!). The IRS will then mail you another letter- if you can verify your identity. (If you’ve moved, they will not mail the form to a new address. That means you MUST file a paper tax return (no electronic filing allowed for those who have been hacked) and it will (take almost forever for it to) be processed.
But, if you live in DC, Georgia, or Florida, then you can electronically file but must include your PIN with your return. If you don’t have the PIN, the IRS will accept (for now) electronic filing without the PIN- but only for those ‘state’ residents. (You do recall that DC is not a state- and has no representation but is subject to taxation.)
Anyone who filed Form 14039 for NON-TAX identity theft issues (Box 2 chose) should include the PIN on their tax returns. Of course, if you don’t have that PIN, the last sentence two paragraphs above applies to you.
My mother in law, who is in her late 80’s, got one of those IRS scam calls. She only got suspicious after the man wanted her to pay with Rite-AID gift cards. There should be a special place, if there is an afterlife (in a very hot location) for people like that.
Actually, Alana, those creeps are hoping to be living on easy street with the money they scam from unsuspecting soft-spots.
Wow, I’m glad that I don’t live in America! Thanks for sharing!
Timothy:
While our tax department seems to lose its ability to keep security manifest, I doubt very much it’s the only government agency (or country) in this predicament. We may just be more open about it. (OK, once they are caught 😉 )