As mentioned, the source of the scam itself has investigators at the various state agencies puzzled. The consensus is that the medical professional's data has somehow been compromised, but the source of the potential breach remains unknown.
The common thread between the victims suggests that the source of the data could be a national insurance agency. Many of the victims reported that their 5071C notices included the name of an unknown individual listed as a spouse, but in some cases, the name listed was that of a prior patient.
The use of patient data, in addition to the medical professional's details lends creditability to the working theory that an insurance company could be the source of the data being used in the scam. However, at this stage, none of the agencies investigating the matter have enough information to prove or disprove that assumption.
According to the IRS, the number of identity theft related criminal investigations increased by 66 percent last year. The agency says such growth made it one of the fastest growing crimes in the U.S.
"Identity theft is one of the fastest growing crimes nationwide, and refund fraud caused by identity theft is one of the biggest challenges facing the IRS," said IRS Commissioner John Koskinen.
Sign up for CIO Asia eNewsletters.