Contracting

IRS suspends Equifax contract

IRS seal 

The IRS confirmed today that it has suspended a $7.2 million bridge contract awarded to Equifax for identity management and authentication services.

The decision comes one week after the agency received a torrent of criticism from members of Congress and the public for the award and less than one month after Equifax revealed that hackers had stolen the sensitive personal information of 145 million Americans. Yesterday, Equifax announced that code from a third-party vendor the company used to collect online performance data was pushing malware to visitors of its website.

In a statement to FCW, the IRS said the suspension was temporary and precautionary and that no IRS data was affected.

"During this suspension, the IRS will continue its review of Equifax systems and security. The IRS emphasized that there is still no indication of any compromise of the limited IRS data shared under the contract," the agency said.

At an Oct. 4 House hearing, IRS officials told lawmakers that a bid for identity management services and e-authentication of taxpayer identities was initially awarded to another contractor, later confirmed to be Experian Information Solutions. However, Equifax was the incumbent contractor for those services, and it filed a procurement protest that wouldn’t be resolved until after the current contract expired.

According to IRS officials, that forced the agency to award a bridge contract or stop providing identity-proofing work for Secure Access, its online accounts and transcripts application.

The Government Accountability Office later disputed the assertion that IRS had no choice, saying contracting law allowed for the agency to start working with Experian by citing urgent and compelling circumstances that would significantly affect the interests of the U.S. government.

IRS said it will be unable to create new Secure Access accounts until the issue is resolved and a new contractor comes onboard, but current users will not be affected. Taxpayers will still have the option of receiving mailed transcripts in the interim.

About the Author

Derek B. Johnson is a senior staff writer at FCW, covering governmentwide IT policy, cybersecurity and a range of other federal technology issues.

Prior to joining FCW, Johnson was a freelance technology journalist. His work has appeared in The Washington Post, GoodCall News, Foreign Policy Journal, Washington Technology, Elevation DC, Connection Newspapers and The Maryland Gazette.

Johnson has a Bachelor's degree in journalism from Hofstra University and a Master's degree in public policy from George Mason University. He can be contacted at djohnson@fcw.com, or follow him on Twitter @derekdoestech.

Click here for previous articles by Johnson.


Featured

  • Congress
    Rep. Jim Langevin (D-R.I.) at the Hack the Capitol conference Sept. 20, 2018

    Jim Langevin's view from the Hill

    As chairman of of the Intelligence and Emerging Threats and Capabilities subcommittee of the House Armed Services Committe and a member of the House Homeland Security Committee, Rhode Island Democrat Jim Langevin is one of the most influential voices on cybersecurity in Congress.

  • Comment
    Pilot Class. The author and Barbie Flowers are first row third and second from right, respectively.

    How VA is disrupting tech delivery

    A former Digital Service specialist at the Department of Veterans Affairs explains efforts to transition government from a legacy "project" approach to a more user-centered "product" method.

Stay Connected

FCW INSIDER

Sign up for our newsletter.

I agree to this site's Privacy Policy.