The IRS has admitted that it accidentally posted thousands of social security numbers to a publicly available website. It took down the information about 24 hours later, when it was informed of the problem.
FOXNews reported, “The IRS mistakenly posted the Social Security numbers of tens of thousands of Americans on a government website, the agency confirmed Monday night. One estimate put the figure as high as 100,000 names. The numbers were posted to an IRS database for tax-exempt political groups known as 527s and first discovered by the group Public.Resource.org.”
VentureBeat’s Meghan Kelly added, “Public.Resource.Org, which says it helps make government information more accessible by putting it all in one place, discovered the issue and alerted the U.S Treasury Inspector General for Tax Administration, according to a statement from the organization. The IRS quickly took down the database.”
National Journal’s Bring Fung explained, “Every so often, 527s have to file tax forms to the IRS, which then get added to a database. The database itself is hardly a secret; the IRS has been sending updated records routinely to Public.Resource.org and other public-interest groups, and it’s a favorite among political reporters. But when the IRS told the group’s founder, Carl Malamud, to disregard the Form 990-Ts included in the agency’s January release, he took a closer look at the files in question. After analyzing the breach, Malamud wrote a letter to the IRS pointing out 10 instances where a social security number was accidentally revealed on the government’s website—just a small sample of the larger breach.”
Politico quoted Malamud, who said, “What pisses me off about the 527 data is that I had a long conversation with Lois Lerner her former boss Joseph Grant…and we talked about section 527 privacy issues. And Lerner knew that. She knew the database was dirty and she didn’t care.”