1.4 Million Taxpayers Exposed to ‘increased risk of fraud and identity theft’ by IRS

Computer hackerThe geniuses at the Internal
Revenue Service gave sensitive data on over a million taxpayers to
a printing contractor wiout checking the bona fides of any of the
contractor’s employees, says the Treasury Inspector General for Tax
Administration. The news comes from a
report dated last month but just released to the public. This
and several similar screw-ups “exposes taxpayers to increased risk
of fraud and identity theft.”

The report reveals a number of interesting tidbits, such as the
fact that, in adddition to IRS personnel, 14,000 contractors have
“staff-like” access to Sensitive But Unclassified (SBU)
information. Such protected data includes “any information under
the IRS’s authority that the loss, misuse, unauthorized access, or
modification of could adversely affect the national interest, the
conduct of IRS programs, or the privacy to which individuals are
entitled under law.” To gain that access, contractors have to
submit to background checks.

One wonders how 14,000 contractors, plus actual IRS employees,
can be expected to keep that stuff close to their vests, but the
point is moot, since the IRS didn’t follow its own rules, anyway.
The tax collection agency failed to perform background checks when
handing out five reviewed contracts for courier, printing, document
recovery, and sign language interpreter services. The report also
found a dozen other contracts where the IRS planned to perform
background checks, but didn’t get to all of the people on the
job.

One highlight:

One contract was awarded to print and mail IRS tax forms during
which the IRS provided the contractor a compact disk containing 1.4
million taxpayers’ names, addresses, and Social Security Numbers.
The IRS used a Government Printing Office contract to fulfill this
requirement; however, the IRS had not provided the Government
Printing Office with the appropriate security provisions for
inclusion in the related solicitation and contract as required.

None of the contractor personnel who worked on this contract
underwent a background investigation. 

The report concludes that “Allowing contractor personnel access
to and custody of sensitive information prior to the appropriate
background screening process increases the risk to taxpayers and
the IRS of misuse of taxpayer and other sensitive data and possible
identity theft.”

This is true, but it’s worth pointing out that the IRS is currently embroiled in a
scandal over the
deliberate misuse of tax data and its power over tax
rules. Adding carelessness on top of that, along with permitted
access to sensitive data by tens of thousands of government
employees and temps, gravy.

It’s obvious that letting the IRS compel the public to disclose
abusable information is a really bad idea in itself.

from Hit & Run http://ift.tt/1pc1IeJ
via IFTTT

Leave a Reply

Your email address will not be published. Required fields are marked *