The revelation is the latest evidence of a large-scale identity fraud problem against government sites and services such as like MyGov, Medicare and the ATO and Labor wants a national investigation. In one case this month, payroll software used by a Melbourne accounting firm was hacked and the personal and financial details of 1600 employees of its clients were obtained. An alarming level of personal data was plundered including, names, address, dates of birth, tax file numbers, bank account details, gross earnings and superannuation funds and membership numbers. The scammers then prepared and lodged tax returns in the names of some of the unwitting workers. It is was also confirmed to victims that MyGov accounts could have been accessed and changed, or new accounts created using the stolen data, potentially leading to all services linked to the federal government web portal, including Medicare, Centrelink and Child Support, being compromised as well.

Have you fallen victim to tax time thieves? Let us know ps@canberratimes.com.au The Federal Police advised victims that the breach was just a small part of a broader targeted attack on tax file numbers, with the ultimate goal of to lodging false tax returns, that is yielding up to 500 individual tax file numbers every day. In a statement released on Friday morning in response to Fairfax's reporting, the ATO assured taxpayers that they were safe using the agency's online systems. "There has been no breach of ATO systems or ATO held tax file number data," a spokeswoman said. "The majority of refunds that are claimed fraudulently are claimed using illegally obtained personal information and the ATO reminds people to be vigilant with their online security.

"A Tax File Number is an important part of confirming your identity and we encourage taxpayers to keep it safe. "The ATO actively manages fraudulent activity to ensure taxpayers are protected as effectively as possible. "We have intelligent systems and sophisticated analytics that automatically detect tax returns that are suspected of being lodged fraudulently using another person's stolen identity." The producers of the Xero accountancy software breached in the Melbourne responded by saying a number of users had been targeted in a phishing scam and that the New Zealand-based company was working with its clients to address the breach and had urged users to reset passwords. It is unclear if the scams are the work of an onshore or overseas-based gang but reports in the IT trade press have linked the frauds with a West Australian bank account.

Fairfax revealed on Tuesday that more than 26,000 tax returns had been delayed in recent months amid suspicions they were the work of identity fraudsters and that more than 1000 returns, totalling $9 million, had been cancelled after being found to be fraudulent. Detailed questions have been sent to the ATO and the Australian Federal Police but neither agency responded before deadline on Thursday. NSW Labor senator Doug Cameron has been chasing similar cases of fraud involving theft of Medicare refunds. A strike force has been set up in NSW after 369 cases of Medicare fraud were discovered. But Mr Cameron, the opposition's human services spokesman, said the problem appeared to be nationwide and a broader investigation was necessary.