Home Significant Cybersecurity Weaknesses at IRS

Significant Cybersecurity Weaknesses at IRS

The U.S. Internal Revenue Service remains vulnerable to cybersecurity threats, in particular insider threats that continue to jeopardize the confidentiality of taxpayer information according to a report (PDF) released by the U.S. Government Accountability Office Friday.

The report points out that the IRS doesn’t always enforce strong password management, authorize user access, encrypt sensitive data, effectively monitor mainframe changes or physically protect its computer resources.

The IRS collected about $2.7 trillion in taxes in 2007/08 and relies extensively on computerized systems; systems that are still vulnerable to misuse. While the IRS has corrected 49 of the 115 security issues found by the GAO during its last IRS audit, it’s still not enough. “Despite IRS’s progress, information security control weaknesses continue to jeopardize the confidentiality, integrity, and availability of financial and sensitive taxpayer information,” the GAO report said.

According to the report, the key reason for these weaknesses is that the IRS has not yet fully implemented an agencywide information security program; specifically, that the IRS does not review risks annually, test for controls, or always validate the effectiveness of corrective measures.

“Until IRS takes these steps, financial and taxpayer information is at increased risk of unauthorized disclosure, modification, or destruction, and the agency’s management decisions may be based on unreliable or inaccurate financial information,” the report said.

IRS Commissioner Douglas H. Shulman said the agency will continue working with GAO and will create an action plan to address each of the recommendations in the report.

About ReadWrite’s Editorial Process

The ReadWrite Editorial policy involves closely monitoring the tech industry for major developments, new product launches, AI breakthroughs, video game releases and other newsworthy events. Editors assign relevant stories to staff writers or freelance contributors with expertise in each particular topic area. Before publication, articles go through a rigorous round of editing for accuracy, clarity, and to ensure adherence to ReadWrite's style guidelines.

Get the biggest tech headlines of the day delivered to your inbox

    By signing up, you agree to our Terms and Privacy Policy. Unsubscribe anytime.

    Tech News

    Explore the latest in tech with our Tech News. We cut through the noise for concise, relevant updates, keeping you informed about the rapidly evolving tech landscape with curated content that separates signal from noise.

    In-Depth Tech Stories

    Explore tech impact in In-Depth Stories. Narrative data journalism offers comprehensive analyses, revealing stories behind data. Understand industry trends for a deeper perspective on tech's intricate relationships with society.

    Expert Reviews

    Empower decisions with Expert Reviews, merging industry expertise and insightful analysis. Delve into tech intricacies, get the best deals, and stay ahead with our trustworthy guide to navigating the ever-changing tech market.