The Internal Revenue Service mistakenly exposed tens of thousands of social security numbers on the Web.
The discovery was made by Public.Resource.org, a non-profit focused on sharing public legal and government materials, and came to light during the course of an unrelated audit sparked by IRS notifying the group in June that the agency had sent out an “improperly vetted shipment” of data on DVD in January, Carl Malamud, president and founder of Public.Resource.org, explained in a statement. Since the IRS had gone months without notifying recipients of the data of the privacy breach, the group decided to examine how the situation was handled and send an audit to the U.S. Treasury Inspector General for Tax Administration.
Through the audit, the group discovered social security numbers had been posted online, and were made available when conducting a search for Form 8871 and Form 887 for political organizations that file under Section 527. Currently, the ‘Political Organization Disclosure Search’ and ‘Political Organization Disclosure Download’ capabilities on the IRS website remain disabled.
“The database in question contains the filings of Section 527 political organizations such as campaign committees,” Malamud noted. “This Section 527 database is an essential tool used by journalists, watchdog groups, congressional staffers, and citizens. While the public posting of this database serves a vital public purpose (and this database must be restored as quickly as possible), the failure to remove individual Social Security Numbers is an extraordinarily reckless act.”
According to FoxNews.com, an IRS spokesman said Monday that the agency had been made aware of the posting of a “substantial number” of Social Security numbers and had removed web access to the information “out of an abundance of caution.” The spokesman also said the agency is “assessing the situation and exploring available options.”
“It is with greatly conflicted feelings that we requested the administration make the political organization database go dark temporarily,” Malamud stated. “We understand that this is an essential tool for researchers and even temporary unavailability hurts their efforts. We hope and expect that the administration will act promptly to address the privacy violations and get the database back online.”
