Higher ed systems seek ID theft source

Nathan Baker • Apr 12, 2014 at 8:05 AM

Tennessee’s two public higher education systems are trying to trace the source of a possible federal income tax scam resulting from the stolen identities of some of their employees.

An email sent to faculty and staff in the Tennessee Board of Regents system said the college governing body was alerted to the possible scam by the University of Tennessee at Knoxville, which belongs to its own system.

The email said that when at least eight UTK employees attempted to file their income tax returns, they were notified by the U.S. Internal Revenue Service that a return had already been filed under their names and Social Security numbers.

TBR employees were asked to report similar experiences to determine if a data breach occurred at UT or a state database.

Spokeswoman Monica Greppin-Watts said four TBR employees, two at Southwest Community College in Memphis and two at East Tennessee State University, reported they received the same notice when filing their taxes, but the board believes they’re isolated cases.

“We don’t have any reason to suspect that there is any data breach,” she said. “At the TBR, we don’t have a central database where all employee data is stored. That information is kept on site at each of our member schools.”

Out of the TBR’s 16,000 employees, Greppin-Watts said that four reporting stolen identities doesn’t seem to be a significant number to indicate a security problem in the system.

An Associated Press report said hackers and rogue employees are responsible for fraudulently claiming billions of dollars in tax refunds by stealing the personal information of U.S. citizens and filing a bogus return.

A government report estimates the IRS paid out nearly $4 billion to people using stolen identities to file fake tax returns in 2012.

In December, the Tennessee Bureau of Investigation charged a state employee with stealing the personal information of hundreds of teachers in the Nashville area and Johnson City Power Board employees by accessing a Tennessee Consolidated Retirement System file and downloading the information to a personal computer.

After searching the computer’s browser history, the TBI reported the man, Steven Hunter, searched for information about selling stolen personal data, but the agency did not believe he was able to sell the identities.

The state Treasury Department did offer credit monitoring services to the affected employees as a precaution.

Greppin-Watts said with the prevalence of identity theft in today’s interconnected world, there is no reason to suspect the four employees reporting identity theft is connected to the TBR.

“This is really a national issue with the IRS,” she said. “These are four employees at two institutions on opposite sides of the state.”

Follow Nathan Baker on Twitter @JCPressBaker. Like him on Facebook: www.facebook.com/jcpressbaker.

Recommended for You

    Johnson City Press Videos