Despite a computer breach that exposed tens of thousands of taxpayers’ records over a 16-month period, the IRS still hasn’t fully closed the barn door to hackers.

Even such basic protocols as regularly changing passwords haven’t been implemented, according to the Government Accountability Office. Inspectors also reported obsolete software, missing security patches and employees with unnecessary access to sensitive taxpayer data.

In some cases, the IRS didn’t follow its own procedures for maintaining and updating its security, the GAO reported.

This, after hackers gained access to more than 720,000 taxpayer accounts — including Social Security numbers and birth dates — which they reportedly tapped into beginning in 2014, The Washington Times reports. The breach wasn’t identified until 2015.

IRS Commissioner John Koskinen, who says the agency’s systems are sound, hasn’t indicated what steps will be taken to address the GAO’s latest findings. At the same time, he pointed out the agency’s “human capital resource limitations.”

But changing passwords and limiting staff access to taxpayers’ personal information are matters of common sense, not cash flow. It’s past time for the IRS to exercise more of the former to secure its data and reclaim its credibility.


(c)2016 The Pittsburgh Tribune-Review (Greensburg, Pa.)

Visit The Pittsburgh Tribune-Review (Greensburg, Pa.) at

Distributed by Tribune Content Agency, LLC.


This content is published through a licensing agreement with Acquire Media using its NewsEdge technology.

No votes yet.
Please wait...