The Seattle Times Company

NWjobs | NWautos | NWhomes | NWsource | Free Classifieds |

Business / Technology

Our network sites | Advanced

Originally published August 4, 2007 at 12:00 AM | Page modified August 4, 2007 at 2:02 AM


Careless workers expose IRS data

Internal Revenue Service employees gave their passwords to auditors who posed as computer help-desk workers, a security breach that could...

Bloomberg News

Internal Revenue Service employees gave their passwords to auditors who posed as computer help-desk workers, a security breach that could allow taxpayers' personal information to be released to identity thieves.

The Treasury Inspector General for Tax Administration said 61 of 102 employees agreed to help a caller pretending to be a technician fix a problem by disclosing their passwords and then changing them to one suggested by the caller.

It's the third time since 2001 that IRS employees failed to protect passwords and follow security rules even after the agency provided extra training to workers to fix the problem.

"The corrective actions have not been effective," according to a report released by the Treasury Department in Washington, D.C.

"Employees either do not fully understand security requirements for password protection or do not place a sufficiently high priority on protecting taxpayer data in their day-to-day work."

The IRS has 100,000 workers or contractors who have access to taxpayers' financial information. Each year, every employee is required to certify that they understand the password-protection security requirements, the report said.

In April, Inspector General J. Russell George said the IRS hadn't secured information on the 52,000 laptop computers issued to employees, and that almost 500 IRS laptops were stolen between January 2003 and June 2006.

"Despite repeated warnings, IRS workers continue to show reckless disregard for computer security," said Sen. Max Baucus, the Montana Democrat who heads the Senate Finance Committee.

"Continued failure in this area is leaving millions of American taxpayers vulnerable to identity theft and other fraudulent schemes."

The report said that hackers who cannot break into computer networks often turn to "social engineering" such as tricking people into revealing passwords or other sensitive information.

Copyright © 2007 The Seattle Times Company

More Business & Technology headlines...

Print      Share:    Digg     Newsvine


UPDATE - 09:46 AM
Exxon Mobil wins ruling in Alaska oil spill case

UPDATE - 09:32 AM
Bank stocks push indexes higher; oil prices dip

UPDATE - 08:04 AM
Ford CEO Mulally gets $56.5M in stock award

UPDATE - 07:54 AM
Underwater mortgages rise as home prices fall

NEW - 09:43 AM
Warner Bros. to offer movie rentals on Facebook