IRS Accidentally Leaks Confidential Data of 120,000 Taxpayers

Colin Thierry
Colin Thierry Writer
Colin Thierry Colin Thierry Writer

The US Internal Revenue Service (IRS) accidentally published confidential data on 120,000 taxpayers in a bureaucratic blunder.

“The IRS recently discovered that some machine-readable (XML) Form 990-T data made available for bulk download section on the Tax Exempt Organization Search (TEOS) should not have been made public,” the agency said in a public notice released last week.

Among other things, exempt organizations use Form 990-T to report unrelated business income, claim an income tax refund, request a credit for certain federal excise taxes, or to report unrelated business income tax on reinsurance entities.

In this case, the issue lay with the way the IRS grouped forms filed by both tax-exempt organizations and everyday citizens.

The agency is required to publish 990-T forms filed by nonprofit groups. However, for regular citizens, this information is supposed to be kept private.

“The IRS took immediate steps to address this issue,” the agency said in its notice. “The files have been removed from and will be replaced with updated files in the near future. In addition, the IRS also will be working with groups that routinely use the files to remove the erroneous files and replace them with the correct versions as they become available.”

The IRS also said that it will contact all taxpayers who have been impacted by the leak over the next few weeks.

According to the notice, the published data did not include Social Security numbers, detailed account-holder information, or individual income tax returns. However, the IRS said that the leak still does include individual names or business contact information for some citizens.

In a statement to reporters, the US Treasury said the error was first discovered on Aug. 26, but it’s not clear for exactly how long the data was available for the public to download.

“The IRS is continuing to review this situation,” Anna Canfield Roth, the Treasury’s acting assistant secretary for management, told Bloomberg.

The federal Treasury also ordered the IRS to immediately review its practices to ensure that a situation like this never happens again.

About the Author

About the Author

Colin Thierry is a former cybersecurity researcher and journalist for SafetyDetectives who has written a wide variety of content for the web over the past 2 years. In his free time, he enjoys spending time outdoors, traveling, watching sports, and playing video games.