Amid new cyberattacks, IRS shuts down e-Filing PIN tool


Written by

The IRS has abandoned its e-File PIN number tool — used by online taxpayers to verify their identity when they file their annual tax return form 1040 — following new cyberattacks by online fraudsters.

The agency said in a statement it had been working with the tax preparation industry to get rid of the tool since February, when hackers using an automated bot attack program accessed more than 100,000 e-File PINs. The decision was moved up after a new round of automated attacks was discovered.

[Read More: Identity thieves attack IRS e-file system]

“We were able to identify this issue because of additional defenses put in place earlier this year, and backend protections remain in place. However, the IRS decided to remove the e-File PIN program as a safety measure,” the IRS announcement Thursday reads.

According to the IRS, the February breach did not result in stolen taxpayer information, but the following month the agency suspended the use of a different PIN tool, the identity protection PIN.

[Read more: IRS suspends online ID protection in wake of new fraud]

The e-File PIN tool remained operational until now because the program’s API is embedded in nearly all commercial return preparation software, the IRS announcement explains.

Most taxpayers do not need an e-file PIN to file their taxes electronically, IRS said, because data from prior year tax returns provide the same verification.

While the change is only expected to affect a small segment of taxpayers, those who have not filed their tax returns this year and need a replacement e-File PIN will require assistance from their respective tax software providers, according to the IRS.