Data Security Breaches, Protecting Your Information, and Tax Refund Delays
I was recently speaking with our partners at the accounting and business consulting firm, KLR, about some national events they've been attending and meetings they've been having.
They report that, on more than one occasion, it was brought up that the federal government is expecting (on average) tax refunds to be issued later this year than they have been in prior years.
The interesting part was the reason behind this. You might be thinking, “it's because the government doesn’t have the funds” or “it's related to the craziness in Washington over the budget”. However, you would be wrong. The issue is data security.
The recent hacks at Target, Neiman Marcus, Michaels, and CNN have resulted in an unprecedented amount of personal information being released into the wild. As a result, the government has had an influx of very sophisticated fraudulent tax filings submitted by hackers trying to cash in on refunds. They are using personal data gathered from various hacks (cross-referenced to provide a fairly complete profile on an individual), and then are using tax filing applications to generate returns that are predisposed to large refunds. The result is that the government is now having to spend more time reviewing returns, because the systems that handle the bulk processing aren’t yet able to clearly identify some of these methodologies. All of this, because the IT departments weren’t able to adequately secure their networks!
Now, to be fair, ever since their first data breach TJX has put A LOT of money into securing their systems. They’ve hired on-staff security specialists and I'm sure they’ve fended off thousands (if not more) attempts to penetrate the network. However, this just goes to show two things:
- It's nearly impossible to completely secure a network...even if you throw a ton of money at it. Every network is vulnerable.
- The ripple effect of data security is vast. It's almost impossible to tell where the impact of a data breach will be felt.
So, protect your information. Be selective about when you provide your SSN, email, address, phone numbers, etc. Don’t assume that only supplying limited data to any one organization can protect you. As we've seen, data from multiple breaches is easily cross-referenced. Use complex passwords and (even though it can be a pain) use different passwords across your various service providers.
You can’t protect yourself completely, and you may still feel the effects of breaches even though your personal data wasn’t compromised. However, you can limit your exposure by taking a proactive approach to your personal data security.