Tag Archives: Internal Revenue Service

IRS Issues Warning About W-2 Cyber-Scams, Especially for Schools, Nonprofits and Tribal Organizations

On February 2, 2017, the IRS issued a warning to all employers regarding the resurgence of a W-2 based cyber scam. The scam, which targets the corporate world during tax season, is currently “spreading to other sectors, including school districts, tribal organizations and nonprofits.” (irs.gov/news-events). This cyber-scam is simple, but highly successful. It consists of … Continue Reading

Identity Theft is the First of the IRS’ “Dirty Dozen” Tax Scams of 2016

Each year at the beginning of tax season, the IRS releases the “Dirty Dozen,” a list of twelve tax scams to be mindful of when individuals are filing their taxes.  This list is something to consider sharing with colleagues or friends within your organization. The first member of the 2016 Dirty Dozen is identity theft. Tax-related … Continue Reading

Employers Can Provide Credit Monitoring and Other Identity Protection Services to Employees Tax-Free BEFORE a Breach Happens, IRS Says

Earlier this year, we reported that the Internal Revenue Service clarified that it would not consider the value of credit monitoring and other identity protection services provided by employers to employees in connection with a data breach to be taxable income to the employees. IRS Announcement 2015-22. In response to comments, the IRS expanded this … Continue Reading

Credit Monitoring Services Following Data Breach NOT Taxable Income to Employees, IRS Announces

When an employer is responding to a breach of their employees’ personal information, one of the last things they may think about is whether the value of the credit monitoring or other identity protection services they make available to affected employees should be considered taxable to the employees and reported as such. In Announcement 2015-22, the … Continue Reading

Recent IRS, MTA Data Breaches Provide Reminders To Not Ignore the “Low-Hanging Fruit”

Many organizations believe they have taken all steps necessary to eliminate the risk of a data breach. They often point to the organization’s deft IT team and tout the installation of some of the latest software solutions to protect sensitive data. However, some of these same organizations often fail to take some very basic steps … Continue Reading
LexBlog