IRS Puts Taxpayer Data at Risk

It is one thing when TJ Maxx or The Gap are careless with employee or customer data. Everyone entrusted with sensitive information such as addresses, birthdates, credit card information, bank account data, social security numbers, etc. should take the responsibility that comes with that trust very seriously. But, one institution that should put protection of personal and sensitive data above all else is the Internal Revenue Service (IRS).

However, a recent report from the Treasury Inspector General for Taxpayer Information, a government agency, shows that they discovered almost 2,000 rogue, unidentified web servers within the IRS. Their review of the IRS systems also found more than 2,000 web servers with at least one known vulnerability, 540 of which have at least one Highly Critical vulnerability.

To me, this is just inexcusable. It is unacceptable for the organization entrusted with the income tax information for every working American to have problems of this magnitude. You can read the report (Unauthorized and Insecure Internal Web Servers Are Connected to the Internal Revenue Service Network) for more details on your tax dollars at work.