Public.Resource.Org’s head, Carl Mahmud, who’s lobbied for transparency in non-profit tax accounting for years, told BoingBoing: “This is only one of several exempt organization databases that the IRS has totally bungled. They've become addicted to bad Internet hygiene and it is time now for the Service to admit it needs help.”
How much damage was done is still unknown. It can takes weeks, months, in some cases years before jeopardized Social Security numbers (SSN) make their way into criminal hands.
One real risk to the exposed: tax related identity theft occurring next tax season, where fraudsters use the breached SSNs to apply for refunds before the genuine taxpayer has a chance to file. I's imperative for folks whose information has been exposed, and all Americans really, to file taxes as soon as all relevant tax documents are received—usually by middle of end of February. This prevents crooks from filing first, obtaining the tax refund, and causing a whole slew of other tax and identity theft-related problems.
If you know your information has been exposed be proactive. Start by placing a fraud alert on your credit file with all three credit bureaus, or—if you don’t intend on adding a new line of credit in the foreseeable—a security freeze. This costs less than $50 total and locks down you file until you decide to unlock it—keeping bad guys from jacking your credit history. Here are some more tips for protecting your identity if you suspect your SSN has been exposed.
Social Security numbers don't expire like account numbers and PINs. Consumers need to be diligent and pay attention to any suspicious activity on their credit file, tax filing status, and other personal financial information for years to come. Clearly the IRS doesn’t have your back. You’re your own best defense.
Eduard Goodman is Chief Privacy Officer at IDentity Theft 911.