IRS IG: No taxpayer data exposed by hack
- By Justin Katz
- Dec 24, 2020
The internal watchdog at the IRS said in a letter to lawmakers today there is "no evidence" suggesting taxpayer information was exposed as a result of hackers breaching the agency's network.
J. Russell George, the Treasury Inspector General for Tax Administration, said his office became aware of the cyberattack on Dec. 13 and immediately reached out to the IRS's Computer Security and Incident Response Center, according to hisDec. 23 letter to Reps. Bill Pascrell (D-N.J.) and Mike Kelly (R-Pa.), the chairman and ranking member of the Oversight Subcommittee of the House Ways and Means Committee.
"TIGTA will continue working with the IRS in conducting additional forensic reviews and network log analysis as additional information related to this event becomes available," George continued.
Treasury Secretary Steven Mnuchin confirmed Monday morning his agency had been affected by a hacking campaign via a backdoor in the SolarWinds Orion software suite. He also said the hack did not compromise any classified systems.
Sen. Ron Wyden (D-Ore.) said on Monday night Treasury and IRS officials told Senate staffers they do not believe taxpayer data was compromised, although Wyden did not say which officials provided that information.
Wyden also said hackers breached dozens of email accounts, potentially including those of senior Treasury officials.
"Additionally the hackers broke into systems in the departmental offices division of Treasury, home to the department's highest-ranking officials. Treasury still does not know all of the actions taken by hackers, or precisely what information was stolen," according to Wyden.
Justin Katz covers cybersecurity for FCW. Previously he covered the Navy and Marine Corps for Inside Defense, focusing on weapons, vehicle acquisition and congressional oversight of the Pentagon. Prior to reporting for Inside Defense, Katz covered community news in the Baltimore and Washington D.C. areas. Connect with him on Twitter at @JustinSKatz.