The Internal Revenue Service (IRS) has admitted that it accidentally leaked confidential information of 120,000 taxpayers on the web. The affected taxpayers are those who filed a form 990-T as part of their return.
The IRS 990-T form is used to report ‘unrelated business income’ paid to a tax-exempt entity, such as charities or other non-profits, as well as IRA or SEP retirement accounts.
These forms are meant to be confidential and viewed only by the IRS for individual taxpayers. However, non-profits with 990-T submissions must be available for public inspection for three years.
The IRS disclosed on September 2 that in addition to sharing form 990-T data for charities, they also accidentally included individual taxpayer data of IRAs that was meant to be private.
The IRS released a public statement which states that affected taxpayers will be notified within “the coming weeks.” The statement continues:
The IRS took immediate steps to address this issue. The files have been removed from IRS.gov and will be replaced with updated files in the near future. In addition, the IRS also will be working with groups that routinely use the files to remove the erroneous files and replace them with the correct versions as they become available. The IRS will contact all impacted filers in the coming weeks.
The Wall Street Journal reports that the IRS also notified Congress the same day.
The personal information reported to be accidentally leaked includes names, contact information, and reported income. The IRS states that no social security numbers, individual tax returns or account holder information was part of the leak.
The IRS has been plagued with information technology struggles, with antiquated systems and lack of personnel. It recently was approved an $80 billion budget in part to hire customer service representatives to answer phones—something they can’t even provide today.
Discover more from Cybersecurity Careers Blog
Subscribe to get the latest posts sent to your email.