HMRC locks 100,000 tax accounts after it’s hit by ‘organised crime’…

THOUSANDS of taxpayers have had their online accounts locked and login details deleted after “organised crime fishing” scams targeted HMRC in a £47million fraud sting.

Up to 100,000 personal tax accounts were shut down after it detected unauthorised access by criminal gangs in an elaborate bid to extract repayments from the tax authority – not from individuals.

Officials told MPs that the threat, which has not been classified as a cyber attack, was carried out over an extended period last year by multiple crime syndicates running phishing campaigns.

Angela McDonald, deputy chief executive of HMRC, told the Treasury Committee: “At the moment, they’ve managed to extract repayments to the tune of £47 million. Now that is a lot of money and it’s very unacceptable.”

The tax office said the breach was identified nearly a year ago but it has only now begun informing affected customers by letter.

Letters are being sent from today until June 25.

Anyone hit will need to re-register for online services with new Government Gateway credentials.

In a statement, HMRC said: “We have written to affected customers and taken action to protect these accounts.”

“This was an attempt to claim money from HMRC, not an attempt to take any money from you,” the statement added.

The agency said it has locked down affected accounts, deleted login details to prevent future unauthorised access, removed incorrect information from tax records, and checked to ensure no other details were changed.

John-Paul Marks, the newly appointed HMRC chief executive, told MPs: “It’s about 0.2% of the PAYE population, around 100,000 people, who we have written to, are writing to, to notify them that we detected activity on their PAYE account.”

Asked to confirm this affected individuals not companies, Marks replied: “That’s right, individuals. To be clear, no financial loss to those individuals.

“This was organised crime fishing for identity data outwith of HMRC systems.”

He also revealed that the criminal probe into the breach has included “jurisdictions outside the UK” and led to “some arrests last year.”

Lisa Webb, Which? consumer expert said: “Many people will understandably be concerned that their personal data has fallen into the hands of criminals who might try to exploit it.

“People should be wary of unexpected phone calls, emails or suspect ‘customer support’ messages popping up on social media regarding the breach, as fraudsters might try to take further advantage of this cyber attack. 

“If you’re ever unsure who you’re speaking with, end the conversation and contact the company directly – for banking support you should call back on the number listed on the back of your bank card.”

Ms McDonald added: “The system will be up and running by tomorrow morning.”

Anyone concerned about their account is urged to wait for the letter or email the Fraud Prevention Centre at FraudPreventionCentre@hmrc.gov.uk.

It comes as Brits are being urged to check their tax codes immediately as thousands could be due a £700 refund from HMRC.

HMRC will also issue urgent letters to 1.5 million parents to avoid having a £1,354 payment stopped ahead of the new school year.

Back in March 2022, HMRC had warned of a rising wave of phishing attacks seeking Government Gateway logins to file bogus tax refund claims.

Despite the breach, HMRC stressed: “This was not a cyber security breach… HMRC is always facing these kinds of attempts on the organisation, it is a constant battle.”