U.S. taxpayers received a major blow this week when it was revealed that cyber criminals gained access to at least 100,000 tax accounts through the IRS’s “Get Transcript” application.

Among the information that was lifted from taxpayer accounts? It included Social Security Numbers, street addresses and birthdates. The IRS will be reaching out to victims in the near future with official notification letters and will also provide free credit monitoring for victims moving forward. 

Currently, it’s not yet known who is responsible for the data heist. It is evident, however, that the group had access to enough information to bypass the application’s multifactor security safeguards. In other words, the group had access to private authentication credentials like passwords and answers to personal security questions. Using this information, the hackers were able to string the credentials together in order to gain easy access into taxpayer accounts.

What’s the lesson that your business should take away from this incident? It’s time to recognize the fact that private information like Social Security Numbers are steadily increasing in value online; in fact, this sensitive data can sell for several times as much as credit cards. So your business needs to get serious about safeguarding such sensitive information.

Look to protect your applications with advanced authentication technologies like voice biometrics, fingerprint scanners or facial scanners. By building these types of solutions into the framework of your applications, you will prevent hackers from gaining easy entry into your databases. If the IRS had embraced biometric security solutions, it would have most likely been able to thwart the hackers from entering into its system.

And remember: If you continue to rely on outdated security credentials to safeguard your information, your business will be a sitting duck for hackers looking to prey on your customers’ accounts.