Despite the vast amount of confidential and personal information held by the Internal Revenue Service (IRS), the Agency remains susceptible to data breaches and cyber-attacks. A new report by the Government Accountability Office (GAO) reveals that the IRS “has not effectively implemented elements of its information security program,” leaving both personal and financial data of millions of Americans “unnecessarily vulnerable to inappropriate and undetected use, modification, or disclosure.”
While the GAO already issued 43 recommendations to help secure these vulnerabilities, the IRS responded with their “usual excuses and evasions,” in which IRS Commissioner John Koskinen claimed the Agency’s systems are “sound.” These recent findings are certainly not new to the IRS. The Agency has had a history of weak cybersecurity practices with the most notably resulting in the discovery of 720,000 breached personal accounts on the agency’s “Get Transcript” website last May. In response to these new found vulnerabilities, Speaker Paul Ryan has expressed his frustration on his website, promising to “continue to exercise vigorous oversight to help ensure the IRS adopts all 43 GAO recommendations.” He explained, “Hardworking taxpayers need assurances that the IRS will do everything possible to protect their personal information—and we are committed to giving Americans that peace of mind.”