On the final day of National Tax Security Awareness Week, the Internal Revenue Service and its Security Summit partners urged tax professionals to reassess their plans for protecting themselves and their clients’ sensitive information amid increasing attempts by identity thieves to steal tax data.
Identity thieves on the hunt for taxpayer data aren’t just
targeting taxpayers, they’re going after the tax professionals, who hold
enormous amounts of sensitive taxpayer data, in hopes of filing fraudulent tax
returns. This year, the IRS has already received more than 250 reports of data
breach incidents from tax professionals affecting approximately 200,000
clients.
Amid these continuing reports of tax professionals
encountering data breaches, the Security Summit partners urged practitioners to
review the newly updated Written
Information Security Plan (WISP).
Tax professionals are required by federal law to have
written plans identifying foreseeable data security risks and safeguards, and a
plan of action to take in the event of a security breach. To simplify this
complex task, a special team of Security Summit members from the tax community
released an updated WISP that tax professionals can use as a roadmap to apply
to their own practice.
The IRS also reminds taxpayers that additional safeguards,
like multi-factor authentication (MFA), are required by federal law to better
protect themselves and their clients. MFA provides an extra layer of security
to ensure the proper people are accessing sensitive accounts and systems.
Read the full notice: National Tax Security Awareness Week, Day 5
