Nearly 100,000 taxpayers may have had their personal information compromised by a security breach of an Internal Revenue Service tool that makes it easier to fill out the Free Application for Federal Student Aid, the Fafsa, according to the IRS commissioner, John Koskinen, who testified on Thursday before the Senate Finance Committee.
The tool, which mysteriously and abruptly went offline in March, is scheduled to be available again in October, officials have said. Mr. Koskinen testified that 35,000 letters had already been sent out notifying people whose data may have been compromised.
The IRS knew last September that there was a risk that the tool could be used for nefarious purposes, he said. And before the tool was taken down, roughly 8,000 fraudulent refunds totaling $30 million had been issued. Some of the tax documents that were flagged as phony, he added, were actually legitimate.
“To shut it down without a clear indication of criminals actually using it seemed to us that it was going to unnecessarily disadvantage millions of people who used it,” he said, according to The Wall Street Journal. Several student-advocacy groups have criticized the IRS and the Education Department’s Federal Student Aid office for taking the tool offline.
The IRS has provided confidential briefings on the suspension of the data-retrieval tool to members of the Finance Committee as well as members of the House and Senate education committees. In a written statement following the announcement that the tool would be offline until the fall, Sen. Lamar Alexander, a Republican of Tennessee, urged the IRS and the Federal Student Aid office to “continue to prioritize getting the helpful data-retrieval tool back online quickly with adequate protection for users’ data.”
Sen. Patty Murray of Washington, the top Democrat on the education committee, said in a written statement she was glad that steps were being taken to ensure users’ privacy. But she said she remained concerned that there were “no immediate solutions” for those affected.