Meetings set to address Seattle archdiocese security breach

The first of six regional meetings to discuss the ongoing impact of an expansive personal information security breach in the Seattle archdiocese will take place Tuesday at O'Dea High School in Seattle.

The gatherings, which will be largely overseen by the Internal Revenue Service, will address the situation in which an increasing number of false IRS refund requests are being reported for the 2013 calendar year, part of what the IRS and archdiocese have called a "national tax refund fraud."

Bogus IRS filings have been discovered by employees and volunteers at parishes and schools from many parts of Western Washington as well as the archdiocese itself.

The upcoming assemblies "will be led by Kenneth Hines, IRS Special Agent in Charge, Seattle Field Office," according to a March 21 memorandum on the archdiocesan website.

"There will be time for questions and answers as well as an opportunity for attendees to make a formal written statement" on an IRS form provided in advance, the message stated, noting that a number of IRS personnel will be present.

A March 20 archdiocesan website "update" on "Steps You Can Take" noted, "It has recently come to our attention that some current and former Archdiocesan employees and volunteers are victims of a national tax refund fraud."

While the update does not specify dates when those victimized might have been associated with the archdiocese, it does provide credence to concerns and questions about how far back stolen data might reach.

It has been noted that background checks for programs serving vulnerable populations such as children, the homeless and elderly have been done for many years. Those checks include gathering of Social Security numbers and other personal information.

The archdiocese recently started running background investigations through the Washington State Patrol criminal background check, which does not use Social Security numbers, archdiocesan spokesman Greg Magnoni told NCR.

As of today, no statements as to the potential source of the breach have been issued by the archdiocese, the IRS or the FBI other than to say potential sources include parishes, schools, the archdiocese itself and vendors.

The archdiocese reaches from Oregon to Canada and from the Cascade Mountains to the Pacific Ocean. It lists 579,500 registered Catholics in 173 missions, parishes and pastoral centers.

In a March 20 visit to Seattle, IRS Commissioner John Koskinen told media representatives that the Seattle archdiocese's tax return fraud case is the biggest the IRS has experienced on the West Coast, although there have been similar outbreaks in the past, including Florida, Georgia and the District of Columbia.

He also warned that the stolen personal information could be sold through "organized crime syndicates around the world" and used in other forms of identity theft.

In its website warning, the archdiocese urged "all employees and volunteers" to take several steps "as soon as possible," including:

  • Contacting the IRS Identity Protection Specialized Unit "to determine if your tax identity has been compromised";
  • Asking the IRS to "place a note ... in their records" about the potential identity theft even if no apparent fraud had yet occurred;
  • Placing a "90-Day Fraud Alert" with the credit bureau Equifax, which, in turn, "will notify the other credit bureaus";
  • Submitting a report to the Federal Trade Commission if identity compromise had been established;
  • Filing a local police report as well as calling the IRS Criminal Investigation unit if fraud activity had been confirmed.

The warning and instructions were also posted in Spanish, Vietnamese and Korean. A link to the IRS site for identify theft and victim assistance was provided.

Meanwhile in Seattle, KIRO-TV reported Friday that the firm Service Alternatives, which employs 550 social workers in Washington state, had suffered a similar identity information attack that has impacted more than three dozen social workers associated with the company.

Social worker Belinda Kindschi told KIRO she was one of the victims and that the possibility of a relationship between the Service Alternatives situation and the Seattle archdiocese case is being investigated.

"Kindschi and her fellow workers have been working with investigators to figure out where the breach occurred and if it has anything to do with the archdiocese breach," KIRO reported.

Some parishioners are expressing frustration that parishes and the archdiocese have been fragmented in reaching out to potential victims, making it clear how widespread the breach might be, and sending any communications directly to potential victims.

Even though the story has been widely covered in the media, a member of Mary Queen of Peace told NCR on Sunday that many parishioners have been unaware they might be among those whose personal information has been stolen.

Join the Conversation

Send your thoughts and reactions to Letters to the Editor. Learn more here