Thieves armed with stolen personal identification of taxpayers sought to kidnap $14.5 billion in 2015 tax return money, according to a new audit.

And even with security measures in place, they ended up pocketing $2.2 billion, and causing thousands of taxpayers the agony of proving they didn’t get their refund, according to the Government Accountability Office.

The audit said that recent IT security measures have been an improvement, but more needs to be done to shut down the “fraudsters.”

The GAO wrote in the new report to House and Senate oversight committees:

Identity theft (IDT) tax refund fraud is an evolving and costly problem that causes hardship for legitimate taxpayers who are victims of the crime and demands an increasing amount of the Internal Revenue Service’s (IRS) resources. IDT refund fraud occurs when a refund-seeking fraudster obtains an individual’s Social Security number, date of birth, or other personally identifiable information (PII), and uses it to file a fraudulent tax return seeking a refund.

This crime burdens honest taxpayers because authenticating their identities is likely to delay the processing of their returns and refunds. IRS estimates that at least $14.5 billion in IDT tax refund fraud was attempted in tax year 2015, of which it prevented at least $12.3 billion (85 percent). Of the amount attempted, IRS estimated it paid at least $2.2 billion (15 percent).

That was sizable target: Overall, the IRS returned $124 billion that year.

See the full report here.

Paul Bedard, the Washington Examiner's "Washington Secrets" columnist, can be contacted at pbedard@washingtonexaminer.com