IRS thinks data breach came from Russia

But US Congress still wants answers over how such a breach was allowed to happen - could an 11 per cent fall in cyber-security employees be to blame?

The US Internal Revenue Services (IRS) believes that the catastrophic data breach it suffered, which enabled criminals to steal the tax returns of more than 100,000 people, originated in Russia.

The attack is significant because criminals with access to the tax return transcripts could easily steal the identities of the victims.

Peter Roskam, the Illinois Republican who is chairman of a subcommittee on oversight, said that IRS Commissioner John Koskinen told him in a phone conversation that the theft occurred from Russia.

"It's a problem, no matter where it's coming from, for the taxpayers and the IRS. It surely doesn't help matters though that it's coming from Russia for all the obvious geopolitical reasons," CNN reported Roskam stating.

Koskinen had already said earlier in the week that he was confident that the attack was not carried out by amateurs.

"These actually are organised crime syndicates that not only we but everybody in the financial industry are dealing with," he said.

The IRS said that these organised syndicates used personal data collected elsewhere to access tax information, which they then used to file for $50m in fraudulent tax refunds.

Roskam said the breach was concerning because the IRS system wasn't hacked. Instead, the criminals used personal data and "went in the front door of the IRS and unlocked it with a key".

Several organisations are looking into the breach including the IRS's own Criminal Investigation Unit and the FBI.

US Congress has been pushing for more information about how the attack was able to occur to be released and asking why more precautions had not been taken, despite warnings.

"That the IRS - home to highly sensitive information on every single American and every single company doing business here at home - was vulnerable to this attack is simply unacceptable," said Senator Orrin Hatch, chairman of the Senate Finance Committee.

"What's more, this agency has been repeatedly warned by top government watchdogs that its data security systems are inadequate against the growing threat of international hackers and data thieves," he added.

Some observers also blame the firm's shift to outsourcing its security requirements. In 2011, the IRS employed 410 people in its cyber-security unit, but by 2014, this had fallen by 11 per cent to 363 people, according to reports released annually by the US Treasury Department Inspector General.

However, the organisation is spending more on cyber-security - with a 9.7 per cent increase from 2012 ($129m) to 2014 ($141.5m), indicating that it has indeed taken an outsourcing route. Whether or not this has played a part in the data breach is up for debate.

Criminals tried to access the tax accounts of 200,000 people between February and May, but only succeeded in about half of the attempts.

The IRS said it would notify all 200,000 people that third parties may have access to personal data that was potentially used to initiate the hacking attempts.

Those whose tax information was accessed will be offered free credit monitoring, the agency stated.