In February 2024, Change Healthcare, a healthcare services technology company, suffered the largest known breach of Protected Health Information (PHI). The company ultimately paid a $22 million ransom to a hacker group called ALPHV/Blackcat only to find the data for sale after BlackCat presumably failed to destroy the PHI. What does this mean for taxpayers?
Change Healthcare has notified 100 million taxpayers that a wide selection of information may have been stolen, including:
The information lost in this vast ransomware attack is a goldmine to bad actors considering tax fraud, identity theft, or other types of financial or tax crime. The IRS warns taxpayers annually about scammers who use stolen personal information to file for and claim the tax refunds of others.
To deter refund fraud, the IRS is suggesting that taxpayers sign up for an IP PIN. An IP PIN is a unique identifier for taxpayers to use to ensure their tax account—and refund—is not taken over by fraudsters.
IP PINS are a good idea for anyone who is aware they have suffered a data breach. With the Change Healthcare breach, the millions of taxpayers whose data was compromised are potentially at risk of identity theft, financial fraud, tax return fraud, and other longer-term identity fraud.
Here are some points to know about IP PINS:
Data breach is no longer uncommon and neither is tax fraud. If you know your contact and other information is compromised, consider additional steps like an IP PIN to maintain the security of your tax return—and your refund.
Serving clients nationwide from offices in Cleveland and Chicago, the tax attorneys of Robert J. Fedor Esq., LLC provide trusted representation on criminal tax defense, offshore tax investments, and compliance matters. Call us at 440-250-9709 or contact us online.