Editor’s note: This article is by Jordan Cuddemi of the Valley News, in which it was first published April 26, 2014.
An additional two dozen physicians and other medical personnel in New Hampshire and Vermont have had their Social Security numbers stolen and used to file fraudulent federal tax returns, bringing the total number of victims to more than 180, according to medical society officials in the two states.
What remains unclear, however, is who is behind the scam and how hackers are getting the Social Security numbers.
Physicians and physician assistants are required to disclose their Social Security numbers pursuant to federal law in order to get a license to practice, said Penny Taylor, New Hampshire Board of Medicine Administrator.
But they aren’t provided to any other organization, Taylor said, unless the board of medicine reports a provider to the National Practitioner Data Bank, a federal repository that tracks disciplinary cases or malpractice payments involving health care providers.
Karen LaFond, operations administrator at the Vermont Board of Medical Practice, which licenses a range of medical personnel, said the same formula is followed in Vermont.
Medical personnel in several states have said they’ve been victimized by bogus IRS claims, and officials in New Hampshire and Vermont have not turned up evidence of a data breach from their computers.
“When we became aware, we did a complete scan of our computers and our servers and everything was clean,” Taylor said.
Officials with the Secret Service and Internal Revenue Service are investigating more than 160 cases in which New Hampshire physicians, physician assistants, registered nurses, dentists, podiatrists and pharmacists have fallen victim to the scheme, as well as at least 22 cases in Vermont.
IRS spokeswoman Peggy Riley said the agency doesn’t have data on the size and scale of the breach that has caught up hundreds of providers.
“Identity theft remains a top priority of the IRS,” Riley wrote in an email. “The IRS is focused on preventing, detecting and resolving identity theft cases as soon as possible.”
A Secret Service official from the Manchester field office declined to comment, saying it is an ongoing investigation.
A couple from Grantham is also looking for answers on how they and were victimized.
Andrew and Toni Taylor received correspondence in the mail earlier this week from the IRS indicating they would receive a far bigger tax refund than they had anticipated.
“We knew that was incorrect,” said Andrew Taylor, a member of the New Hampshire Medical Society and a state-licensed endocrinology specialist, noting other parts of the letter also raised red flags.
Taylor said he has a hunch that his and his wife’s personal information was breached as part of the broader medical personnel scam, but that there is no real way of knowing.
Taylor worked for several years at Dartmouth-Hitchcock Medical Center in Lebanon and Dartmouth-Hitchcock Concord. Since 2009, he has solely done volunteer work at the hospitals.
Toni Taylor is a nurse practitioner licensed through the New Hampshire Board of Nursing.
“I am confused about what other data (the hackers) have,” Toni Taylor said. “I am also concerned if this is going to happen again.”
