Instructions for reporting security incidents

 

Submit a Microsoft Excel spreadsheet or Microsoft Word document, that has been encrypted using WINZIP 9 with password protection. The submission must include the following information:

  1. Date and time of the incident.
  2. Source of the incident.
  3. Method of detection.
  4. Detail description of the incident.
  5. Why the incident should be of concern.
  6. Corrective actions planned or taken.
  7. Whether taxpayer information was disclosed (Y/N only, do not include taxpayer information).
  8. Number of taxpayers impacted.
  9. Regular business hours contact name, phone number, and email address.
  10. After-hours contact name, phone number, and email address.
  11. Provider’s EFIN.
    and
  12. The name of a principal or responsible official as shown on the e-file application.

Note: This information must be enumerated exactly as above.

Submit the ZIP file and the password to new.efile.requirements@irs.gov via two separate email messages.

The subject line of both email messages must show SECURITY INCIDENT.