Paul L. Caron

Thursday, May 28, 2015

GAO, TIGTA Warned Of IRS's Lax Computer Security For Years Before Hack Of 100,000 Taxpayer Accounts On IRS Website

ID TheftFollowing up on yesterday's post, Hackers Gained Access To Old Tax Returns For 100,000 Taxpayers On IRS Website:  USA Today, Audits and Reports Warned of IRS Computer Safety Risks:

Government monitors repeatedly warned of IRS computer security risks long before Tuesday's disclosure that identity thieves had stolen tax agency data for roughly 100,000 U.S. households.

"Computer security has been problematic for the IRS since 1997," according to an October 2014 report by the Treasury Inspector General for Tax Administration, the government monitor for the nation's tax agency. So problematic, that TIGTA has ranked security for taxpayer data and IRS employees as among the tax agency's top management challenges every year at least since 2004.

The U.S. Government Accountability Office separately warned last year that despite IRS computer security improvements, "weaknesses remain that could affect the confidentiality, integrity and availability of financial and sensitive taxpayer data." Shortcomings identified by the GAO included the IRS' failure to restrict physical access to computer resources, along with the use of weak encryption for authentication on many of the tax agency's computer servers.

The IRS agreed with many of the findings and said corrections would be made. However, tax agency officials have contended that IRS budget cuts approved by Congress have made it harder to implement upgraded security safeguards.

IRS News, Tax | Permalink


They had enough money for lavish conferences, Star Trek training videos, and bonuses for employees who didn't pay their taxes.

Posted by: Nathan | May 28, 2015 6:01:02 AM

Of course, it's ALWAYS those EEEEEEVIL Republicans and their darned BUDGET CUTS that are to blame!!! Curses, foiled again!!!

Posted by: Jeff H | May 28, 2015 6:53:45 AM

I suspect it is a combination of some degree of incompetence on the IRS's part and, yes, relentless budget cutting. It is a fact that good security costs money.

Posted by: Louis Sullilvan | May 28, 2015 8:19:20 AM

The conference and training video expenses are irrelevant and harmless. What damages our system of government is ideologically motivated enforcement and illicit modification of tax law through creative interpretation.

Posted by: AMT buff | May 28, 2015 9:14:57 AM

Yeah, someone managed to get into the IRS' system and only got 100,000 taxpayers' info. Who believes that? By the time the whole story comes out, that number will be in the millions.

Posted by: JGalt | May 28, 2015 5:25:56 PM