The Associated Press reports on the IRS tracing the identity thieves to Russia, a country commonly known for their penchant to conduct cyber-based criminal activity:

But two officials briefed on the matter said Wednesday the IRS believes the criminals were in Russia, based on computer data about who accessed the information. The officials spoke on condition of anonymity because they were not authorized to publicly discuss the ongoing investigation.

The revelation highlights the global reach of many cyber criminals. And it’s not the first time the IRS has been targeted by identity thieves based overseas.

In 2012, the IRS sent a total of 655 tax refunds to a single address in Lithuania, and 343 refunds went to a lone address in Shanghai, according to a report by the agency’s inspector general. The IRS has since added safeguards to prevent similar schemes, but the criminals are innovating as well.

The information was taken from an IRS website called “Get Transcript,” where taxpayers can get tax returns and other tax filings from previous years. In order to access the information, the thieves cleared a security screen that required detailed knowledge about each taxpayer, including their Social Security number, date of birth, tax filing status and street address.

No surprises here.