IRS probing possible data security breaches


PDA






onerifle
June 24, 2005, 09:13 PM
Great week, ain't it???:rolleyes:

By Caroline Drees, Security Correspondent

http://reuters.myway.com/article/20050624/2005-06-24T203656Z_01_N24203433_RTRIDST_0_NEWS-SECURITY-USA-DATA-DC.html

WASHINGTON (Reuters) - The Internal Revenue Service is investigating whether unauthorized people gained access to sensitive taxpayer and bank account information but has not yet exposed any privacy breaches, an official said on Friday.

The U.S. tax agency -- whose databases include suspicious activity reports from banks about possible terrorist or criminal transactions -- launched the probe after the Government Accountability Office said in April that the IRS "routinely permitted excessive access" to the computer files.

The GAO team was able to tap into the data without authorization, and gleaned information such as bank account holders' names, social security numbers, transaction values, and any suspected terrorist activity. It said the data was at serious risk of disclosure, modification or destruction.

"There is no evidence that anyone who was not authorized accessed the data outside the GAO," said Sheri James, a spokeswoman for the Treasury's Financial Crimes Enforcement Network (FinCEN), which is working with the IRS to address the concerns of the GAO, the investigative arm of Congress.

"The assessment remains ongoing at this time," James said.

IRS officials were not immediately available for comment.

FinCEN is responsible for administering the Bank Secrecy Act, under which banks must file suspicious activity reports on transactions they believe could be linked to money laundering or terrorism financing. The IRS stores this data for FinCEN.

As their name suggests, these reports are filed based on suspicions, not necessarily proof, and the vast majority never lead to investigations or prosecutions.

Unauthorized access to the information held by the IRS raises concerns about the privacy rights and civil liberties of innocent banking clients as well as ordinary taxpayers.

From October, when FinCEN rolls out a new computer system called BSA Direct, the agency will for the first time take control of all BSA data from filing to dissemination, which it hopes will significantly bolster data security.

Taxpayer data will remain with the IRS, which the Treasury says is addressing its "computer security deficiencies."

Concerns about privacy violations through weak computer security are mounting in the United States, where a string of companies this year have reported stolen or misappropriated customer data, including Bank of America Corp., ChoicePoint Inc. and Reed Elsevier .

Since ChoicePoint announced in February that it mistakenly sold 145,000 consumer profiles to a ring of identity thieves, dozens of other organizations, from banks to universities, have announced security breaches of their own.

If you enjoyed reading about "IRS probing possible data security breaches" here in TheHighRoad.org archive, you'll LOVE our community. Come join TheHighRoad.org today for the full version!
pax
June 24, 2005, 09:31 PM
Lovely.

pax

Standing Wolf
June 24, 2005, 10:52 PM
Well, I've never so-called "misplaced" anybody's sensitive personal information!

hifi
June 24, 2005, 10:57 PM
Maybe the hackers worked for UPS...

Justin
June 25, 2005, 02:50 AM
It would seem that we are entering the golden age of identity theft. The feds' paranoia about terrorists and other assorted boogiemen has given rise to all sorts of new and fun information gathering requirements, both under the letter of law and "friendly suggestions." As a result, it would seem that once one overcomes the security hurdles of one of the companies or .gov orgs that warehouses this stuff that it's much easier to walk off with the data to do as you please.

Gun-toting bank robbers, and erstwhile ID thieves digging through your trash are hopelessly clueless schmucks. Why risk one's life or time hitting a single bank or digging through the neighbor's refuse when a decent laptop and a case of Mountain Dew given to the right script kiddie will reap information literally thousands of times more valuable?

Matthew748
June 25, 2005, 07:50 AM
I seem to remember hearing on the radio a week or two ago that CITIGroup was hacked into too. That is too much of a coincidence for me.

If you enjoyed reading about "IRS probing possible data security breaches" here in TheHighRoad.org archive, you'll LOVE our community. Come join TheHighRoad.org today for the full version!