Legal Disclosure    Advertiser Disclosure

Report: IRS Still Putting our Financial Data at Risk

Published March 22, 2011   |    min. read

Christopher Maag

 Contributing writer for Credit.com, Chris graduated with honors f... Read More
0 comments

Maag_IRS Security_110322Instead of getting better at protecting taxpayers’ personal financial information, the Internal Revenue Service is actually getting worse, according to a new report by the Government Accountability Office. The IRS has failed to fix most of its existing data security vulnerabilities, even as new ones continue to crop up.

“(C)ontrol weaknesses over key financial and tax processing systems continue to jeopardize the confidentiality, integrity, and availability of financial and sensitive taxpayer information,” the report found.

That’s a serious problem for taxpayers and consumers who rely on the IRS to keep information secure, says Ondrej Krehel, information security officer at Credit.com’s sister company, Identity Theft 911. The IRS gathers all types of information, including e-mail addresses, physical addresses and Social Security numbers—everything a thief might need to steal identities for profit.

“As I was reading it I was thinking, ‘is this a bad joke?’” Krehel says. “This is pretty bad.”

[Fraud Resource: Free Identity Risk Score and personal risk profile]

Get everything you need to master your credit today.
Get started for free

The troubles are both internal and external, Krehel says. Inside the IRS, some of the agency’s most important databases are controlled by computers that can be accessed without passwords. An insider with access to those computers could easily steal entire databases.

“You probably can’t access it from outside” the agency, says Krehel. “But if you’re on the inside, it seems there’s nothing to prevent you from accessing and copying these databases.”

Externally, the IRS receives taxpayer data from various private companies. For example, many companies offer software that helps taxpayers prepare and submit their own taxes directly to the IRS.

“If they don’t safeguard their own data properly, how do they properly vet all the middlemen who handle their data? What are their standards?” Krehel says.

The GAO has been on the IRS’s case about data security since 2008. Since then it has found serious problems with the agency’s efforts to limit identity theft by its own employees. Three-quarters of the weaknesses found previously by the GAO still plague the agency, despite years of efforts by the IRS to fix its security weaknesses.

“(U)ntil the agency corrects the identified weaknesses, its financial systems and information remain unnecessarily vulnerable to insider threats, including errors or mistakes and fraudulent or malevolent acts by insiders,” according to the report.

Image: © Laura Gangi Pond | Dreamstime.com

You Might Also Like

What Can Someone Do With Your Social Security Number?

Find out what someone can do with your stolen Social Security num... Read More

October 19, 2023

Identity Theft and Scams
how to prevent identity theft

11 Tips for How to Prevent Identity Theft

The Federal Trade Commission’s Consumer Sentinel Network re... Read More

May 17, 2022

Identity Theft and Scams
A man and woman chat in an office

COVID-19 Scams

COVID-19 vaccines are being rolled out across the country, and th... Read More

May 20, 2021

Identity Theft and Scams