Officials said Friday that the Internal Revenue Service unintentionally released sensitive information pertaining to around 120,000 people before finding the issue and removing the material from its website.
The data leak occurred from Form 990-T. This form is usually required for people with individual retirement accounts who receive certain business income via these accounts. This usually refers to individuals whose IRAs are invested in master limited partnerships, real estate, or other income-producing assets, as opposed to those whose IRAs are entirely invested in equities.
Additionally, the IRS disclosed that in addition to sharing Form 990-T information with charities, they also accidentally shared data about taxpayers’ IRAs. The disclosures included these IRAs’ names, contact information, and income-related financial information. It did not include Social Security numbers, complete individual income information, or any other information that may harm a taxpayer’s credit, the Treasury Department found, according to the letter sent Friday to senior members of Congress.
As with most individual tax returns filed with the IRS, these forms are intended to be kept private. However, charities with so-called unrelated business revenue are obligated to submit Form 990-T, and these filings should be accessible to the public.
The IRS and Treasury Department blamed a human coding mistake for the Form 990-T filing glitch that occurred last year when the form became available for electronic filing. The nonpublic data was accidentally combined with the public data, and it was all searchable and downloadable on the agency’s website.
About 120,000 taxpayers’ names, contact information, and income for their IRAs were exposed, according to the Wall Street Journal. The IRS has advised that social security numbers, individual tax returns, and detailed account information were not included in the data. Nonpublic data was available for download on the IRS website as a result of the error.
In recent weeks, an IRS research staffer uncovered the error, prompting a deeper investigation and removing the data. The IRS alerted Congress on Friday, as it is required to do so by federal law regarding significant data security incidents. In the following weeks, impacted taxpayers will be informed.
Anna Canfield Roth, the Treasury Department’s acting assistant secretary for management, wrote legislators a letter on Friday stating that the IRS is continuing to investigate the matter. According to Roth, the Treasury Department has ordered the Internal Revenue Service to undertake an immediate assessment of its operations to verify that the essential safeguards are in place to avoid improper data leaks.
The Internal Revenue Service has long grappled with antiquated information technology systems and occasional leaks of confidential taxpayer data. As reported by Time magazine, the IRS has found it difficult to update its 60-year-old COBOL tax processing system or find employees qualified to handle it.
The journalistic group ProPublica disclosed tax information on several of the richest and highest-income Americans last year, resulting in inquiries. It is currently unclear where this data originated, and the IRS has failed to notify Congress about what happened.
Despite these shortcomings, a newly passed budget by the Democrats provided $80 billion to the IRS. Not to fix them, mind you. A total of $4.8 billion is allocated to the legislation’s modernization efforts, but more than ten times as much is spent on enforcement, which is its top priority. The agency should focus on its own mistakes as much as taxpayers’ if it wants to sell the public on its newfound efficiency.