May 8, 2012 -- Alexis Agin was 4 years old when she died last year from a brain tumor. As her parents grieved their daughter's loss, someone else paid attention to the details of her death too.
An identity thief was easily able to get Alexis' personal information after she died. Her parents had no inkling until they went to file their taxes. Then, to their astonishment, they learned that someone else had already filed a tax return, using Alexis' Social Security number and claiming her as a dependent.
The Agins soon learned they were one of many. "Within an hour of learning that my daughter's Social Security number had been compromised and stolen," said Jonathan Agin, "no fewer than 14 other parents whose children passed away due to cancer contacted us and advised us that their children's Social Security numbers likewise had been stolen."
Americans are told to jealously guard their Social Security numbers, but after one dies, the government goes public with that coveted information. It is all included on a Master Death List.
"This is a database of more than 80 million records that the Social Security Administration maintains of all the deaths in the country. And that information is actually publicly available," said John Breyault at the National Consumers League. "Consumers can go online, on any number of sites, and get full name, date of birth and full Social Security number, which we call the holy trinity of personally identifiable information."
The list is used by banks, credit agencies and others to try to prevent identity theft after someone dies. However, a court case in the 1970s forced the Social Security Administration to make the list public, under Freedom of Information Act laws. "Unfortunately, dead people don't have any privacy rights," said Breyault, "That information, once you're dead, is publicly available information."
"Within 30 seconds of learning that my daughter's Social Security number had been stolen, I went online and found her Social Security number," Agin told ABC News. "All the information is there."
Breyault of the National Consumer League showed ABC News just how easy it was. He sat down with me at a computer and pulled up a wealth of information on my husband, who died of cancer last year. My tax refund for this year has now been held up because someone else filed a return, apparently using my husband's Social Security number. The Internal Revenue Service said it might be a simple mistake by the other taxpayer, not a case of identity fraud. The agency, however, can't yet tell me for sure as it works to unravel the situation.
Today on Capitol Hill, the House Ways and Means' Subcommittees on Social Security and Identity Theft held a hearing on this growing problem.
In his testimony, Russell George, the Treasury inspector general for tax administration, told lawmakers that while processing tax returns in 2011, the IRS managed to flag and stop 940,000 returns that appeared to involve identity theft. The refunds requested on those returns totaled $6.5 billion.
George told lawmakers, "There is much more fraud that it [the IRS] does not detect." The inspector general "identified approximately 1.5 million additional undetected tax returns with potentially fraudulent tax refunds totaling in excess of $5.2 billion," said George. Those refunds were paid out. "If not addressed, we estimate the IRS could issue approximately $26 billion in fraudulent tax refunds resulting from identity theft over the next five years," he testified.
The IRS told ABC News that it believes that five-year estimate is "far too high. The estimate was based on figures from 2010, before the IRS instituted major changes in the way it handles identity theft cases," the agency said. "Our increased compliance and prevention efforts mean we are stopping more refund fraud than ever before."
The Social Security Administration had recently taken steps to cut back on the Master Death List information it releases publicly, leaving off the decedent's state and ZIP code. And the IRS said it has installed identity theft screening filters on its computer systems to flag suspicious returns. "Fighting identity theft will be an ongoing battle for the IRS and one we cannot afford to let up on," said Steven Miller, an IRS deputy commissioner, in written testimony.
Late last year, the IRS established a special taxpayer protection unit to help handle identity theft cases. But George testified that those trying to file their 2011 taxes found it difficult to get through to the unit. "The unit received more than 86,000 calls during the 2012 filing season, but has only been able to answer about 21,000," said George. And according to his testimony, the average phone wait time for taxpayers was almost one hour.
Taxpayers caught in this mess are forced to prove their loved one's identity to the IRS. Agin said he had to provide evidence to show the IRS that his late daughter was his child. Some cases have taken up to a year to resolve.
Congress is considering a number of bills that would limit access to the Master Death List. For Agin and the hundreds of thousands of other taxpayers who have been victims of this fraud, it can't come soon enough. "It's bad enough losing your child to any type of disease, cancer in any manner," said Agin, "but then have somebody steal their identify, the last remaining vestige of your child, it's horrible."