IT Pro is supported by its audience. When you purchase through links on our site, we may earn an affiliate commission. Learn more

IRS mistakenly publishes 112,000 taxpayer records for the second time

A contractor is thought to be responsible for the error, with the agency reportedly reviewing its relationship with Accenture

The IRS accidentally republished 112,000 taxpayer data records in November after they were initially published as a result of a technical error earlier this year.

Blame for the incident has reportedly fallen on an outside contractor working on behalf of the IRS and tasked with managing a database for the government department.

The incident relates to the upload of 990-T forms which contain private information used by tax-exempt entities, including government entities and retirement accounts, to pay income tax on income that comes from specific investments or that which is unrelated to their exempt purpose, according to a letter sent to congressional leaders, Bloomberg Tax reported.

In September 2022, the IRS said that some Form 990-T data had been made available for bulk download in its Tax Exempt Organization Search (TEOS), which shouldn't have been made public. At the time, it removed the files and was set to replace them with updated files in the future.

However, this time a contractor reuploaded older files to the database with the original data, instead of new ones which ensured the forms were set to be kept private. The IRS had given the corrected data to the contractor on 23 November, but the contractor had not removed the old files from their system.

The IRS was only made aware of the files being available again on their website when a third-party researcher reached out. The IRS then told the contractor to remove them immediately. 

Around 104,000 of 106,000 forms previously shared in September were reuploaded to the site. Some forms contained names or business contact information, and the IRS is currently contacting people affected by the data breach. When more than 100,000 forms suffer a disclosure, the IRS is forced by the law to inform Congress.

The revenue service is also reportedly reconsidering its relationship with contractor Accenture on this project. IT Pro has contacted the company for comment.

“The IRS is continuing to review the situation to identify opportunities to establish additional controls and strengthen existing controls to protect taxpayer information,” said US Treasury spokesperson John Rizzo.

Featured Resources

What 2023 will mean for the industry

What do most IT decision makers really think will be the important trends and challenges in the coming year?

Free Download

2022 Magic quadrant for Security Information and Event Management (SIEM)

SIEM is evolving into a security platform with multiple features and deployment models

Free Download

IDC MarketScape: Worldwide unified endpoint management services

2022 vendor assessment

Free Download

Magic quadrant for application performance monitoring and observability

Enabling continuous updating of diverse & dynamic application environments

View Now

Recommended

US begins seizure of 48 DDoS-for-hire services following global investigation
distributed denial of service (DDOS)

US begins seizure of 48 DDoS-for-hire services following global investigation

15 Dec 2022
US seizes millions in stolen COVID relief funds by China-backed hackers
Policy & legislation

US seizes millions in stolen COVID relief funds by China-backed hackers

6 Dec 2022
Biden sets June deadline for $42 billion broadband funding outline
Network & Internet

Biden sets June deadline for $42 billion broadband funding outline

11 Nov 2022
FCC eyes formal ban of all Huawei, ZTE equipment sales
Policy & legislation

FCC eyes formal ban of all Huawei, ZTE equipment sales

14 Oct 2022

Most Popular

Dutch hacker steals data from virtually entire population of Austria
data breaches

Dutch hacker steals data from virtually entire population of Austria

26 Jan 2023
GTA V vulnerability exposes PC users to partial remote code execution attacks
vulnerability

GTA V vulnerability exposes PC users to partial remote code execution attacks

23 Jan 2023
European partners expect growth this year, here are three ways they will achieve it
Sponsored

European partners expect growth this year, here are three ways they will achieve it

17 Jan 2023