- The issue of cyber security is too important to politicize, but even a breach of taxpayer information at the IRS isn’t enough to convince our leaders of that
Millions of Americans have experienced the anxiety of having to deal with an audit or some other form of administrative action by the Internal Revenue Service. Little did they realize that one day the abuse would include identity theft.
According to Fox News and the Associated Press, the IRS’ information technology isn’t as secure as it ought to be, perhaps, as evidenced by the fact that identity thieves recently managed to hack the agency’s online service to obtain tax return info for about 100,000 American households, agency spokes-officials admitted.
In particular, the agency said that the cyber criminals used stolen Social Security numbers and other information in order to gain access to accounts. Of about 200,000 attempts, the IRS, said, half of those were successful.
The IRS said thieves used the information from prior years’ returns to help them file for fake refunds. They did it by accessing a system called “Get Transcript,” where they had to clear a security screen that required knowledge about the taxpayer, including Social Security number, date of birth, tax filing status and street address.
“The IRS notes this issue does not involve its main computer system that handles tax filing submission; that system remains secure,” the agency said in a statement.
IRS officials said thieves targeted the system from February to mid-May; since then, the service has been shut down.
“In all, about 200,000 attempts were made from questionable email domains, with more than 100,000 of those attempts successfully clearing authentication hurdles,” the agency said. “During this filing season, taxpayers successfully and safely downloaded a total of approximately 23 million transcripts.”
As most filers know, tax returns contain a wealth of personal information including Social Security numbers, birthdates of dependents and spouses, and other useful data. That said, the IRS noted that the thieves appeared to already have a decent amount of personal information, which allowed them to target specific accounts.
“Taxpayers must know that the information they send to the IRS is secure,” Senate Finance Committee Chairman Orrin Hatch, R-Utah, said in a written statement following the announcement. “And hackers who would steal that information must know that they will suffer severe consequences for their crimes.”
The IRS said it is notifying taxpayers whose information was accessed. Reports were not clear about where the hack originated, though point of origin may not be helpful considering that hackers generally use various URLs as points of entry into systems, especially those managed by Uncle Sam.
In the meantime, while cyber crime grows, the Congress of the United States and the Obama administration continue to support precisely the wrong initiatives. As noted by US News & World Report, the House in April approved a cybersecurity bill that the Obama regime supports, but the measure might actually hurt security and privacy:
The House voted to pass a cybersecurity information-sharing bill with the support of the White House on Wednesday, but security professionals and privacy advocates warn that the measure would place sensitive consumer information at risk and would not even protect networks (our emphasis).
Congress has failed to pass significant cybersecurity legislation in recent years due to partisan divisions on whether bills allowing greater sharing of threat data between companies and the government would endanger consumer privacy. The bill, called the Protecting Cyber Networks Act, still faces a vote in the Senate, where supporters say it is expected to have the votes needed to pass after easily advancing by a 307-116 margin in the House.
This is par for the course – Congress and the White House have agreed on a cyber security measure that does nothing to address the problem, but likely a) adds new layers of meaningless, archaic bureaucracy while b) completely whiffing on cyber security altogether.
The White House sees two problems. First, the bill in its current form would lead to more unnecessary sharing of privacy and consumer information (which, of course, the corporations want); and it would ostensibly provide too much legal protection to companies who “fail” to provide adequate cyber security.
As to the first issue, it’s commendable for the least transparent administration (since the previous one) to at least bring up the issue of privacy, if in the end the White House is serious about making sure that, for once, it is truly protected, as in Fourth Amendment-protected.
As to the second issue, it is somewhat unreasonable to expect companies to be held legally liable for being unable to protect consumer data 100 percent of the time in 100 percent of all hacking cases. Cyber security, most often, is only as good the most recent version of anti-virus software, which is generally out of date when it is released. So, barring some major technological breakthrough in code-breaking, getting all data secured all the time is a pipe dream.
Who decides what is “adequate?” Who decides when or if a company has done its best to protect consumer data? Granted, there probably ought to be minimums when it comes to deciding what level of protection companies should offer, but what if they do offer those minimums – would Obama still hold them liable? And what if a government agency like the IRS is breached: Will the government be held legally responsible?
The issue of cyber security is too important to politicize, but even a breach of taxpayer information at the IRS isn’t enough to convince our leaders of that.
Do you think it’s even possible for the government to protect our data? SOUND OFF below?
The post IRS abuse of taxpayers reaches a new level as govt. now struggles to protect our privacy appeared first on Absolute Rights.