IRS says you were screwed even before the Equifax hack


Ian Sherr
Ian Sherr Former Editor at Large / News
Ian Sherr (he/him/his) grew up in the San Francisco Bay Area, so he's always had a connection to the tech world. At CNET, he wrote about Apple, Microsoft, VR, video games and internet troubles. Aside from writing, he tinkers with tech at home, is a longtime fencer -- the kind with swords -- and began woodworking during the pandemic.

Forget about privacy and security in the 21st century.

James Martin/CNET

Well, at least we still have our health.

IRS Commissioner John Koskinen committed the shocking crime of making sense on Tuesday, when he said something security experts have been saying for years: Hackers probably already had your private information, even before the Equifax breach.

Koskinen told reporters the agency believes a "significant" number of the more than 145 million Equifax victims had already had their personal information stolen by cybercriminals.

"We actually think that it won't make any significantly or noticeable difference," Koskinen said during a briefing reported by The Hill newspaper. "It's a challenge that we have been worried about ... from the start."

That's not to underplay how significant the hack of Equifax has been. Since it was announced in September, we've learned the company, which collects and profits from our private financial data whether we agree to it or not, poorly managed its computers, may have executives that committed insider trading, and has been shockingly negligent while informing the public.

CNET already recommended that you should assume you're one of the Equifax victims, since so many people were affected and Equifax's own website is just so bad

So what should you do? Follow our guide to surviving the Equifax data breach.