Data breaches are becoming quite common, especially for government agencies. The latest such incident involved the Internal Revenue Service, and could potentially leave tens of thousands of people exposed.
The breach itself was discovered by nonprofit watchdog group Public.Resource.Org, and could have lasted less than 24 hours, but potentially much longer, according to a report from the National Journal.
Specifically, the incident could have exposed the Social Security numbers of tens of thousands of people involved with transactions for 527 political nonprofit groups. When any such group files a tax form, it is added to a database, which can then be distributed to certain members of the general public, including those in the media.
The issue, though, is that on some of these listings of transactions, a person’s sensitive information listed on forms known as 990-Ts may not have been blacked out, the report said.
Carl Malamud, who founded Public.Resource.Org, discovered the unblocked data for 319 people in a sampling of some 3,000 returns in an update in January, and it is possible that as many as 2,319 people were exposed as a result of that mix-up alone.
“When we were alerted last week that a substantial number of Social Security numbers were posted on IRS.gov in forms filed by section 527 political organizations, the IRS decided out of an abundance of caution to temporarily remove public web access to the records,” an IRS official wrote to the site. “The law requires the IRS to publicly post forms, such as Forms 8871, 8872 and 990, that are submitted by section 527 organizations. The IRS frequently and routinely reminds organizations of the public disclosure of these forms and urges them not to include personal information, including Social Security numbers, in their public filings.”
The public interest group noted that there is still no indication that any of the exposed information was used in any way improperly, but it very well could have been accessed by someone without authorization, the report said.
However, this breach certainly underscores the importance of consumers keeping close tabs on their financial documents as regularly as possible. Taking time to carefully look over credit card and bank statement, as well as order copies of their credit reports every few months or so is vital to making sure no aspect of one’s personal finances has been compromised.