Union decries IRS for security weaknesses

The president of the National Treasury Employees Union issued a statement today criticizing the Internal Revenue Service for having “continuing and serious internal information technology security issues."

The union statement refers to a new Government Accountability Office report describing information security weaknesses at the IRS that leave taxpayers’ financial and personal information vulnerable to data theft.

NTEU President Colleen Kelley said those security problems "make it all the more pressing that the IRS abandon its ill-conceived and dangerous plan to privatize tax debt collection.”

Kelley called the report another warning signal of the dangers of the IRS’ effort to move ahead with plans to hire private-sector debt collectors to pursue tax debts.

“Rather than seek to move personal and sensitive taxpayer information into private hands, the IRS needs to devote time, attention and resources to ensuring it can protect these vital data when the information is in its own hands,” Kelley said. “I don’t think anyone can realistically be satisfied right now that the agency has accomplished that.”

The GAO report, released March 24, states that the IRS failed to establish effective electronic access controls related to network management, user accounts, file permissions, and logging and monitoring of security-related events. The agency has not installed other controls to secure computers physically, according to GAO's audit report.

“Collectively, these weaknesses increase the risk that sensitive financial and taxpayer data will be inadequately protected against disclosure, modification or loss, possibly without detection, and place IRS operations at risk of disruption,” the GAO report states.

In a Feb. 27 letter to Gregory Wilshusen, GAO’s director of information security issues, IRS Commissioner Mark Everson agreed with GAO’s assessment.

“Because the IRS’ solution extends beyond the specific findings and addresses the root cause of the weaknesses at an enterprisewide level, a majority of the weaknesses remain open,” Everson wrote. “However, as a result of this agencywide approach and other initiatives we have under way, the IRS now has stronger controls to protect taxpayer data.”


  • FCW Perspectives
    human machine interface

    Your agency isn’t ready for AI

    To truly take advantage, government must retool both its data and its infrastructure.

  • Cybersecurity
    secure network (bluebay/Shutterstock.com)

    Federal CISO floats potential for new supply chain regs

    The federal government's top IT security chief and canvassed industry for feedback on how to shape new rules of the road for federal acquisition and procurement.

  • People
    DHS Secretary Kirstjen Nielsen, shown here at her Nov. 8, 2017, confirmation hearing. DHS Photo by Jetta Disco

    DHS chief Nielsen resigns

    Kirstjen Nielsen, the first Homeland Security secretary with a background in cybersecurity, is being replaced on an acting basis by the Customs and Border Protection chief. Her last day is April 10.

Stay Connected


Sign up for our newsletter.

I agree to this site's Privacy Policy.