-1

Another day, another slipup by the Internal Revenue Service.

The incident involves the unwitting exposure of “tens of thousands” of Social Security numbers, according to a recent audit by the independent transparency and public-domain group Public.Resource.org. The identifying numbers were on the Internet for less than 24 hours after being discovered, but the damage was done. And unfortunately, the data-breach concerns some of the most sensitive types of transactions: Those made by nonprofit political groups known as 527s.

Every so often, 527s have to file tax forms to the IRS, which then get added to a database. The database itself is hardly a secret; the IRS has been sending updated records routinely to Public.Resource.org and other public-interest groups, and it’s a favorite among political reporters. But when the IRS told the group’s founder, Carl Malamud, to disregard the Form 990-Ts included in the agency’s January release, he took a closer look at the files in question.

After analyzing the breach, Malamud wrote a letter to the IRS pointing out 10 instances where a social security number was accidentally revealed on the government’s website—just a small sample of the larger breach.

Just the day before, Malamud had filed another letter to the agency describing a problem with the 990-Ts. Of over 3,000 tax returns contained in the January update, 319 contained sensitive data the agency should have scrubbed, Malamud wrote in the July 1 report that he filed to the inspector general’s office. In that mixup, some 2,319 social security numbers—perhaps more—were revealed.

Read More:  http://www.nationaljournal.com