In today’s digital age, tax professionals are prime targets for identity thieves who seek valuable client tax information. The IRS, alongside Security Summit partners, is continuously monitoring for identity theft threats, especially those aimed at tax professionals. If you’re in the tax industry, it’s crucial to stay vigilant and recognize the early signs of a data breach to protect both your business and your clients.
Red Flags That Could Signal a Data Breach
If you notice any of the following issues, it’s important to act quickly:
- Slow or Unresponsive Systems: If your software is suddenly slower than usual or actions take longer to process, it could indicate unauthorized access. Pay attention if your computer’s cursor moves or changes numbers without any input from you.
- Locked Out of Your Systems: Unexpectedly losing access to your network or computer is a major warning sign. This could mean that someone else has taken control.
- Client Return Rejections: If client tax returns are rejected due to their Social Security numbers being used on other returns, it’s a strong indicator that identity theft has occurred.
- IRS Authentication Letters: Receiving IRS authentication letters (5071C, 6331C, 4883C, 5747C) for clients who haven’t filed a return is another red flag.
- Unfamiliar E-File Acknowledgements: If you’re receiving more e-file receipt acknowledgments than the number of returns you’ve actually filed, it’s time to investigate.
- Disabled IRS Online Account: If your IRS online account is disabled without explanation, this could be due to suspicious activity.
- Unexpected Transcripts: If transcripts are being delivered to your Secure Object Repository that you didn’t order, it’s a sign that someone may be accessing your systems.
- Compromised CAF Number: If the IRS notifies you that your Centralized Authorized File (CAF) number has been compromised, it’s essential to take immediate steps to protect your clients. Consider requesting a new CAF number to secure your business.
- Unrecognized Client Notices: Receiving notifications from the IRS regarding clients you don’t represent is another indication of unauthorized activity.
Immediate Steps to Take if Data Theft Occurs
If you suspect a data breach, it’s critical to report it immediately:
- Contact the IRS Stakeholder Liaison: Quick action is vital. The IRS stakeholder liaison will alert the necessary IRS offices, helping to block fraudulent returns filed in your clients’ names. The IRS will also guide you through the recovery process.
- Consult Cybersecurity Experts: Work with cybersecurity professionals and your insurance company to determine the cause and extent of the data breach. This will help you mitigate the damage and prevent future incidents.
- Notify State Tax Agencies: Visit the Federation of Tax Administrators’ website to find contact information for your state tax agency and report the breach accordingly.
- Proactive Client Communication: Inform affected clients and recommend protective measures, such as obtaining an Identity Protection PIN or filing Form 14039, Identity Theft Affidavit.
Protect Your Practice
Staying informed and proactive is key to defending your practice against data breaches. For more details and resources on data theft prevention, visit the IRS’s Data Theft Information Page.