This time, the IRS detected "automated attacks taking place at an increasing frequency" thanks to the additional defenses it added after that initial hack. It said only "a small number" of taxpayers were affected, but it didn't give an exact number. The IRS chose not to kill the tool back in February, since most commercial tax software products use it. After these recent cyberattacks, though, the agency determined that it would be safer to give up on a verification method that's scheduled for the chopping block anyway.

The service also took the chance to remind people that a PIN isn't even necessary to file tax returns. "[Y]ou will need to use your prior-year adjusted gross income (AGI) to validate your signature," the old request page reads. "If you do not have your prior-year tax return, you may use Get Transcript Online or Get Transcript by Mail to obtain your prior-year AGI. You may use your AGI to validate your signature and continue with electronic filing of your tax return."