The Internal Revenue Service is in more hot water, this time after it accidentally leaked the Social Security numbers of thousands of taxpayers.
Public.Resource.org, an independent nonprofit dedicated to transparency of public documents, discovered that the tax identification numbers of “tens of thousands” of donors to Section 527 nonprofit political groups were accessible because the IRS neglected to redact the data when posting the groups’ filing information to a public online database.
“This Section 527 database is an essential tool used by journalists, watchdog groups, congressional staffers, and citizens,” said Public.Resource.org in a statement detailing its findings. “While the public posting of this database serves a vital public purpose (and this database must be restored as quickly as possible), the failure to remove individual Social Security numbers is an extraordinarily reckless act.”
Brief, but potentially damaging oversight
The IRS did act quickly. The Social Security numbers were on the Internet for less than 24 hours.
But the IRS definitely didn’t need any more black marks on its record. It’s been under investigation since May for a variety of missteps, including selective handling of applications by groups for another tax-exempt status, 501(c)(4), that also involves a limited amount of political activity.
Upon discovering the breach, Public.Resource.org founder Carl Malamud wrote the IRS and the Treasury inspector general for tax administration. As an example of the latest privacy breach, Malamud pointed out 10 instances where a Social Security number was accidentally revealed on the government website.
“While this report details only 10 such examples, which I was able to ﬁnd quickly using simple searches, the problem is more significant,” wrote Malamud.
He also made several recommendations, including that the IRS make it easier for those who discover such privacy breaches to notify the IRS of the problem.
The IRS has yet to comment on the personal data display error.
While the information was not available for long, identity thieves can work quickly, so I suspect — hope — the agency is notifying those whose tax ID numbers were made briefly public. That way they can keep an eye on their financial accounts in case someone less honest than Public.Resource.org got a look.
Want the latest news on taxes, tax reform prospects, filing deadlines, political fights, Internal Revenue Service alerts and tax-saving tips? Subscribe to Bankrate’s free Weekly Tax Tip newsletter.
You also can follow me on Twitter @taxtweet.
Veteran contributing editor Kay Bell is the author of the book “The Truth About Paying Fewer Taxes” and a co-author of the e-book “Future Millionaires’ Guidebook.”