According to a recent Government Accountability Office report, the IRS continues to leave its vast computer systems without proper security. Private taxpayer data is vulnerable to hackers, fraudsters and former IRS employees. This GAO report tells of significant deficiencies relating to the financial reporting systems. Millions of Americans are rightfully concerned because they are required by law to file tax returns but worry about fraud.
The IRS must continue making improvements to taxpayer financial data controls. This news comes in the wake of a very unpleasant six weeks for taxpayers and the IRS. Taxpayers have entered this filing season with greater fears over fraud. TurboTax recently announced it was suspending tax return filings due to fraud.
Taxpayer distress became more severe when some learned that their tax return had been filed by someone else who received their refund. At first, it did not involve federal taxes, only state returns. The FBI began investigating returns filed using TurboTax. Those interviewed about this spoke of data being compromised and returns may have been filed on the basis of 2013 returns.
The report tells of easily compromised IRS passwords and outdated software having improper security functions. Worse yet, at times the IRS fails to delete access for employees who quit or have been fired.David M. Walker (U.S. Comptroller General) (Photo credit: Wikipedia)
Additionally, former employees of the IRS retain access to its data system when they should have been immediately cut off. A co-author of the report says that there is a plethora of taxpayer data that remains at risk for identity theft.
Taxpayers have no confidence in the credibility and security of the IRS especially after the Treasury Inspector General for Tax Administration stated that 1.6 million taxpayers had been affected by identity theft early in 2014. It was a fraction of that four years before. Electronic filing likely plays a role.
The GAO warns that gaining access to IRS files does not require much sophistication on the part of hackers. At the same time, it reports that some security weaknesses have been addressed, but more improvements must be made.