Government Technology

Green Works: Using Recovery Act Funds for Environmentally-Wise Technology


By the Center for Digital Government <br /><br />

WASHINGTON, D.C. --Poor security controls in the IRS electronic filing system placed personal taxpayer data at risk in 2000, but "serious control weaknesses" were corrected in time for the current tax season, according to a Government Accounting Office (GAO) report issued on Thursday.

While the IRS found no evidence that intruders -- if there were any at all -- saw or tampered with Social Security numbers, financial records and other personal data, the agency had inadequate means to detect such intrusions, the GAO said.

The ease at which government investigators gained access showed that "unauthorized individuals, both internal and external to the IRS, could have gained access to IRS electronic filing systems and viewed or modified taxpayer data," the report said.

The system was easy to break into because the IRS did not restrict external access to computers using the e-file system, failed to securely configure its operating systems, poorly managed passwords and user account information, did not adequately limit access to tax return and other system data and neglected to use encryption to protect e-file data.

The GAO also found that the IRS paid $2.1 billion in tax refunds without taxpayers required authenticating signatures and discovered that the e-file system failed to pick up erroneous or invalid data. Additionally, poor software development controls could have allowed unauthorized changes to programs, the report said.

Dick Kelsey, Newsbytes



Government Technology
Public CIO
Emergency Management
Digital Communities