IT security flaws at the US Internal Revenue Service are leaving millions of taxpayers open to identity theft and police snooping.
A congressional report from the Government Accountability Office said the IRS had no systems in place to let it know whether data protection systems had been breached, and that around 20 security weaknesses noted back in 2002 had still not been fixed.
The report also found almost 40 new security problems with the IRS systems, and discovered that systems barriers between tax returns and money-laundering reports did not exist.
This means that police investigating money laundering can easily access anyone’s tax returns on the IRS systems, which is a violation of federal law.
Thousands of contractors and IRS staff can also access money-laundering reports, enabling them to potentially damage investigations.
The IRS said that a number of the security holes in the report had already been fixed and that it expected others to be rectified by the end of the year.
Read more on IT risk management
Finance Bill Sub-Committee blames IR35 for ‘concerning’ rise in umbrella company contractors
IR35 reforms: HMRC slammed for ‘over-collecting tax’ from non-compliant public sector bodies
HMRC denies outside-IR35 hiring ban as accounts reveal agency’s reliance on umbrella workers
IR35 reforms: HMRC confirms compliance checks under way in financial services, oil and gas sectors