According to a recent audit by Public.Resource.org, an independent transparency and public-domain group, the Internal Revenue Service (IRS) recently published as many as 100,000 social security numbers on a public website by mistake.
As the National Journal reported, some forms submitted to the IRS by certain tax-exempt organizations, called section 527 organizations, are required by law to have their tax information published in a public database. But social security numbers (SSN) are never intended to become public, and an investigation by Public.Resource.org Founder Carl Malamud revealed that more than 2,000 SSN’s had been published on IRS.gov. And on July 8, Malamud told FoxNews.com that the breach actually included as many as 100,000 SSNs.
When contacted for comment, the IRS informed Government Technology that when the mistake was discovered, “The IRS decided out of an abundance of caution to temporarily remove public Web access to the records.”
The IRS added that it “frequently and routinely reminds organizations … not to include personal information, including Social Security numbers, in their public filings.”
The public release of Social Security numbers, whether performed by organization or individual, is illegal. “It is time now for the administration to send a tiger team over to the [IRS] to help fix their information management practices,” Malamud said in a statement.
The IRS only stated the agency “is assessing the situation and exploring available options.”
Requests to the IRS for more information did not receive a response.
Colin wrote for Government Technology from 2010 through most of 2016.
NEW ON THE PODCAST