Another day, another slipup by the Internal Revenue Service.
The incident involves the unwitting exposure of "tens of thousands" of Social Security numbers, according to a recent audit by the independent transparency and public-domain group Public.Resource.org. The identifying numbers were on the Internet for less than 24 hours after being discovered, but the damage was done. And unfortunately, the data-breach concerns some of the most sensitive types of transactions: Those made by nonprofit political groups known as 527s.
Every so often, 527s have to file tax forms to the IRS, which then get added to a database. The database itself is hardly a secret; the IRS has been sending updated records routinely to Public.Resource.org and other public-interest groups, and it's a favorite among political reporters. But when the IRS told the group's founder, Carl Malamud, to disregard the Form 990-Ts included in the agency's January release, he took a closer look at the files in question.
After analyzing the breach, Malamud wrote a letter to the IRS pointing out 10 instances where a social security number was accidentally revealed on the government's website—just a small sample of the larger breach.
Just the day before, Malamud had filed another letter to the agency describing a problem with the 990-Ts. Of over 3,000 tax returns contained in the January update, 319 contained sensitive data the agency should have scrubbed, Malamud wrote in the July 1 report that he filed to the inspector general's office. In that mixup, some 2,319 social security numbers—perhaps more—were revealed.
Read Full Article
The incident involves the unwitting exposure of "tens of thousands" of Social Security numbers, according to a recent audit by the independent transparency and public-domain group Public.Resource.org. The identifying numbers were on the Internet for less than 24 hours after being discovered, but the damage was done. And unfortunately, the data-breach concerns some of the most sensitive types of transactions: Those made by nonprofit political groups known as 527s.
Every so often, 527s have to file tax forms to the IRS, which then get added to a database. The database itself is hardly a secret; the IRS has been sending updated records routinely to Public.Resource.org and other public-interest groups, and it's a favorite among political reporters. But when the IRS told the group's founder, Carl Malamud, to disregard the Form 990-Ts included in the agency's January release, he took a closer look at the files in question.
After analyzing the breach, Malamud wrote a letter to the IRS pointing out 10 instances where a social security number was accidentally revealed on the government's website—just a small sample of the larger breach.
Just the day before, Malamud had filed another letter to the agency describing a problem with the 990-Ts. Of over 3,000 tax returns contained in the January update, 319 contained sensitive data the agency should have scrubbed, Malamud wrote in the July 1 report that he filed to the inspector general's office. In that mixup, some 2,319 social security numbers—perhaps more—were revealed.
Read Full Article