The IRS shuttered its mail return-processing system in 2014, citing the threat of hackers.
The agency’s IT systems had been compromised by cyberattacks, including the attack on its systems in January that took out its website and exposed personal information.
The IRS said in a statement that it was “aware of reports of compromised electronic devices and information stored on them.”
The IRS said it was unable to comment on whether that data was recovered.
A spokesman for the IRS told The Wall St. Journal that the agency “has not provided additional information regarding the reported security breach.”
If a person can access a system that is linked to your identity, that person can have a complete view of all your personal data that you submit electronically, he said.
The spokesman did not elaborate on what information was exposed or how many times the IRS has had to correct its systems for the hackers to recover it.
The agency was unable, for example, to determine whether the information was stored in the IRS’ systems or whether it was stored outside of the IRS system, the spokesman said.
It also could not say whether the stolen information had been accessed in the past, but that it had been reviewed for possible data breaches in the last three years.