“According to the GAO report, the IRS is actually losing ground. In 2002, when the accounting agency did its last security review, it found 53 weaknesses. Since then, the IRS has corrected or mitigated 32. In the meantime, another 39 weaknesses have popped up to boost the current total to 60.
‘[The] IRS has not implemented effective electronic access controls to prevent, limit, or detect unauthorized access to computing resources from the internal IRS computer network,’ stated the report in GAO-ese. In plainer English, there are numerous ways that taxpayer information–including Social Security numbers, income, addresses, and phone numbers–could be illegally accessed.
The GAO, for instance, found that nearly 7,500 mainframe users, which included IRS employees, independent contractors, and non-IRS government employees, all have the ability to access and even change ‘sensitive taxpayer’ data. Lack of other security controls and wide-open access privileges mean that the IRS might not even know if an identity breach has occurred, said the GAO.
All the GAO could conclude was that ‘taxpayer data may have been disclosed to unauthorized individuals.'”
Believe it or not, there is even more in the article.
Pathetic and unbelievable. Tax payers have to allow this group access to their personal data?
NOTE: Originally posted: April 2005 (recreated from mangled original bambismusings.blogspot.com)