IRS mistakenly publishes 112,000 taxpayer records for the second time
A contractor is thought to be responsible for the error, with the agency reportedly reviewing its relationship with Accenture
The IRS accidentally republished 112,000 taxpayer data records in November after they were initially published as a result of a technical error earlier this year.
Blame for the incident has reportedly fallen on an outside contractor working on behalf of the IRS and tasked with managing a database for the government department.
The incident relates to the upload of 990-T forms which contain private information used by tax-exempt entities, including government entities and retirement accounts, to pay income tax on income that comes from specific investments or that which is unrelated to their exempt purpose, according to a letter sent to congressional leaders, Bloomberg Tax reported.
In September 2022, the IRS said that some Form 990-T data had been made available for bulk download in its Tax Exempt Organization Search (TEOS), which shouldn't have been made public. At the time, it removed the files and was set to replace them with updated files in the future.
However, this time a contractor reuploaded older files to the database with the original data, instead of new ones which ensured the forms were set to be kept private. The IRS had given the corrected data to the contractor on 23 November, but the contractor had not removed the old files from their system.
The IRS was only made aware of the files being available again on their website when a third-party researcher reached out. The IRS then told the contractor to remove them immediately.
Around 104,000 of 106,000 forms previously shared in September were reuploaded to the site. Some forms contained names or business contact information, and the IRS is currently contacting people affected by the data breach. When more than 100,000 forms suffer a disclosure, the IRS is forced by the law to inform Congress.
The revenue service is also reportedly reconsidering its relationship with contractor Accenture on this project. IT Pro has contacted the company for comment.
“The IRS is continuing to review the situation to identify opportunities to establish additional controls and strengthen existing controls to protect taxpayer information,” said US Treasury spokesperson John Rizzo.
What 2023 will mean for the industry
What do most IT decision makers really think will be the important trends and challenges in the coming year?Free Download
2022 Magic quadrant for Security Information and Event Management (SIEM)
SIEM is evolving into a security platform with multiple features and deployment modelsFree Download
IDC MarketScape: Worldwide unified endpoint management services
2022 vendor assessmentFree Download
Magic quadrant for application performance monitoring and observability
Enabling continuous updating of diverse & dynamic application environmentsView Now