Advertisement

IRS kills e-filing PINs prematurely due to cyberattacks

The IRS says you don't need one anyway.

The IRS was gearing up to kill e-file PINs later this year, but it has decided to speed up its plans after discovering suspicious activity. These electronic filing personal identification numbers, which people could use to authenticate tax returns filed online, are no longer available on IRS.gov or via the agency's toll-free phone number. If you'll recall, identity thieves used malware to steal taxpayers' info from other websites, which was then used to generate 100,000 PINs, back in February. The thieves were actually gunning for 464,000 PINs, but the agency was able to stop them before they got near that number.

This time, the IRS detected "automated attacks taking place at an increasing frequency" thanks to the additional defenses it added after that initial hack. It said only "a small number" of taxpayers were affected, but it didn't give an exact number. The IRS chose not to kill the tool back in February, since most commercial tax software products use it. After these recent cyberattacks, though, the agency determined that it would be safer to give up on a verification method that's scheduled for the chopping block anyway.

The service also took the chance to remind people that a PIN isn't even necessary to file tax returns. "[Y]ou will need to use your prior-year adjusted gross income (AGI) to validate your signature," the old request page reads. "If you do not have your prior-year tax return, you may use Get Transcript Online or Get Transcript by Mail to obtain your prior-year AGI. You may use your AGI to validate your signature and continue with electronic filing of your tax return."