Language Selection

English French German Italian Portuguese Spanish

IRS security flaws expose taxpayer data to snooping

Filed under
Security

Security flaws in computer systems used by the Internal Revenue Service expose millions of taxpayers to potential identity theft or illegal police snooping, according to a congressional report released today.

The IRS also is unlikely to know if outsiders are browsing through citizens' tax returns because it doesn't effectively police its computer systems for unauthorized use, the Government Accountability Office found.

The report was released three days after the deadline for filing personal income tax returns, and at a time when concerns about identity theft and computer security are running high. "This lack of systems security at the IRS is completely unacceptable and needs to be corrected immediately," said Rep. James Sensenbrenner (R-Wis.), chairman of the House Judiciary Committee.

The IRS promised to fix any problems and find out if tax returns had been exposed to outsiders.

Over the past several years, the agency has taken steps to protect the information it collects, the report found. The agency has fixed 32 of the 53 problems that turned up in a 2002 review. But the GAO found 39 new security problems on top of the 21 that remain unfixed.

Along with $2 trillion in tax receipts, the IRS also collects information on money laundering and other possible financial crimes for the government's financial-intelligence office. But barriers between tax returns and money-laundering reports don't exist, the GAO found. Thus, a police officer checking up on money-laundering reports can also read personal tax returns, in violation of federal law.

In all, 7,500 IRS employees, law enforcers and outside contractors can access and modify tax returns and financial-crime reports, the GAO found. A master list of passwords and usernames is also widely available, the report said.

Full Story.

More in Tux Machines

Security: WPA2, Smartwatches, Google, NSA, Microsoft and Flexera FUD

  • WPA2 flaw's worst impact on Android, Linux devices

    The flaw in the WPA2 wireless protocol revealed recently has a critical impact on Android phones running version 6.0 of the mobile operating system and Linux devices, a security researcher says.

  • Why the Krack Wi-Fi Mess Will Take Decades to Clean Up

    But given the millions of routers and other IoT devices that will likely never see a fix, the true cost of Krack could play out for years.

  • 'All wifi networks' are vulnerable to hacking, security expert discovers

    WPA2 protocol used by vast majority of wifi connections has been broken by Belgian researchers, highlighting potential for internet traffic to be exposed

  • Kids' smartwatches can be 'easily' hacked, says watchdog

    Smartwatches bought for children who do not necessarily need them can be hacked [sic], according to a warning out of Norway and its local Consumer Council (NCC).

  • John Lewis pulls children's smartwatch from sale over spying fears

    The Norwegian Consumer Council (NCC) revealed that several brands of children’s smartwatch, have such poor security controls that hackers [sic] could easily follow their movements and eavesdrop on conversations.

  • Google's 'Advanced Protection' Locks Down Accounts Like Never Before

    Google hasn't shared the details of what that process entails. But the CDT's Hall, whom Google briefed on the details, says it will include a "cooling-off" period that will lock the account for a period of time while the user proves his or her identity via several other factors. That slowed-down, intensive check is designed to make the account-recovery process a far less appealing backdoor into victims' data.

  • NSA won't say if it knew about KRACK, but don't look to this leaked doc for answers
    Given how involved the NSA has been with remote and local exploitation of networks, systems, devices, and even individuals, many put two and two together and assumed the worst. What compounded the matter was that some were pointing to a 2010-dated top secret NSA document leaked by whistleblower Edward Snowden, which detailed a hacking tool called BADDECISION, an "802.11 CNE tool" -- essentially an exploit designed to target wireless networks by using a man-in-the-middle attack within range of the network. It then uses a frame injection technique to redirect targets to one of the NSA's own servers, which acts as a "matchmaker" to supply the best malware for the target device to ensure it's compromised for the long-term. The slide said the hacking tool "works for WPA/WPA2," suggesting that BADDECISION could bypass the encryption. Cue the conspiracy theories. No wonder some thought the hacking tool was an early NSA-only version of KRACK.
  • You're doing open source wrong, Microsoft tsk-tsk-tsks at Google: Chrome security fixes made public too early [Ed: Says the company that gives back doors to the NSA and attacks FOSS with patents, lobbying etc.]
  • Why Open Source Security Matters for Healthcare Orgs [Ed: marketing slant for firms that spread FUD]
    Open source software can help healthcare organizations remain flexible as they adopt new IT solutions, but if entities lack open source security measures it can lead to larger cybersecurity issues. A recent survey found that organizations in numerous industries might not be paying enough attention to potential open source risk factors. Half of all code used in commercial and Internet of Things (IoT) software products is open source, but only 37 percent of organizations have an open source acquisition or usage policy, according to a recent Flexera report. More than 400 commercial software suppliers and in-house software development teams were interviewed, with respondent roles including software developers, DevOps, IT, engineering, legal, and security.

Games: JASEM, openage, Riskers, Rise to Ruins, Slime Rancher

The most promising linux distributions in 2017

Linux distributions have already gained recognition of its users and with every year new products appear in the market. Many of them focus on the certain tasks, so you can’t create a single list of the best ones. Here we have chosen several fields of Linux use and those distributions that have all chances to take the initial positions in their niche in 2017. Read more

Ubuntu 17.10 (Artful Aardvark) released

Codenamed "Artful Aardvark", Ubuntu 17.10 continues Ubuntu's proud tradition of integrating the latest and greatest open source technology into a high-quality, easy-to-use Linux distribution. As always, the team has been hard at work through this cycle, introducing new features and fixing bugs. Under the hood, there have been updates to many core packages, including a new 4.13-based kernel, glibc 2.26, gcc 7.2, and much more. Ubuntu Desktop has had a major overhaul, with the switch from Unity as our default desktop to GNOME3 and gnome-shell. Along with that, there are the usual incremental improvements, with newer versions of GTK and Qt, and updates to major packages like Firefox and LibreOffice. Read more Also: Ubuntu 17.10 Debuts Officially with GNOME 3.26 on Top of Wayland, Linux 4.13 How to: Upgrade Ubuntu 17.04 to Ubuntu 17.10 Ubuntu 17.10 ISOs Officially Released 10 Things To Do After Installing Ubuntu 17.10 Ubuntu 17.10 Now Available to Download, This Is What’s New How to Enable Night Light on Ubuntu 17.10 Ubuntu 17.10 Artful Aardvark Released With New Features — Download Torrents And ISO Files Here Ubuntu Flavors, Including Ubuntu MATE 17.10, Are Available to Download Ubuntu 17.10 'Artful Aardvark' ditches Unity for Gnome