On Thursday, Internal Revenue Service (“IRS”) Commissioner John Koskinen testified that the personal data of up to a 100,000 taxpayers could have been compromised as a result of criminal use of the Free Application for Federal Student Aid Data Retrieval Tool (“DRT”). Last week, we posted that the IRS disabled the tool after it suspected that hackers were posing as students and using the DRT to gather students’ and parents’ tax information. This information could then be used to file fraudulent tax returns and steal refunds. The number of taxpayers who may have been affected still remains unknown, but the agency believes that fewer than 8,000 fraudulent returns were filed and processed. Another 14,000 fraudulent returns were spotted by investigators before refunds were issued, and another 52,000 filings were halted altogether. To be safe, the IRS announced that it plans to notify all 100,000 potentially affected taxpayers.

[View source.]