The IRS’ online “Get Transcript” service was misused to access taxpayers information.

Nearly 100,000 U.S. taxpayers’ data from tax returns was subjected to unauthorized access by cyber thieves during the last four months, John Koskinen, the U.S. IRS Commissioner said on Tuesday.

“We’re confident these are not amateurs. These are actually organized crime syndicates that not only we but everyone in the financial industry are dealing with,” Koskinen said.

The agency said that the intrusion did not affect IRS data outside the “Get Transcript” application, adding that it would augment its security measures.

During February to May, cyber thieves tried to access personal tax information 200,000 times through the agency’s “Get Transcript” online application, which fetches information from previous returns, and were successful in almost half of the attempts.

Koskinen refused to comment on who the thieves might be whilst a criminal investigation is ongoing. It’s believed the intention to steal taxpayers’ information may have been carried out to submit fraudulent returns in the subsequent year, said Konsiken.

The agency estimates that less than 15,000 fraudulent returns may have been processed as a result of the unauthorized access thereby refunding roughly $50 million.

The IRS is just one of the recent cyber attack victims with JP Morgan Chase along with mega-retailers Target and Home Depot suffering cyber attacks. The newest in the series of breaches, The IRS security breach differs in the way in which the computers were not hacked but their online system was compromised. The criminals used information they had compiled on individuals who were supposed to use the system and accessed the system via this method.

The attackers must have been in possession of a considerable amount of information about the taxpayers like “out of wallet” data, personal information such as the individual’s first car or high school mascot, said Konsiken. The identity thieves are believed to have used individuals’ social media accounts then compiled them into databases which they used to get answers for personal security questions, according to Konsiken.

The tax agency was alerted regarding the suspicious activity during the annual tax-filing season in mid-April. The agency will now send notification letters to affected taxpayers this week, and will provide victims free credit monitoring and protection.