February 11, 2009 5:05 PM
- Text
IRS Loses Laptops; Your Data Exposed?
(CBS)
CBS News correspondent Peter Maer has covered the White House and executive branch agencies for more than 20 years.
The nation's tax collector is being called to task for lax security that could compromise personal information on thousands of taxpayers.
"Hundreds of IRS laptop computers" and other devices have been lost or stolen, according to a report (.pdf) by the Treasury Department inspector general's office. Many were swiped from employees' vehicles and homes, but investigators also learned that more than a fifth of the devices were stolen from IRS offices.
"It is likely that sensitive data for a significant number of taxpayers have been unnecessarily exposed to potential identity theft" and other fraud, the report warns. "The Internal Revenue Service is not adequately protecting taxpayer data on laptop computers" and other devices.
The report also uncovered faulty encryption and password controls. The IRS annually processes more than 220 million tax returns. As any taxpayer knows, those returns include personal financial information and Social Security numbers. The IRS insists there have been no reports of identity theft linked to the missing laptops.
Investigators called for tighter security measures. The report noted the IRS has agreed to take "corrective actions."
The IRS is the latest federal agency to confront laptop security issues. Government investigators have found similar problems at other departments and offices, including the nation's top law enforcement agency, the FBI.
In February, the Justice Department's inspector general reported three or four FBI laptops are lost or stolen each month. The inspector general said it was "most troubling" that the FBI could not determine in many cases whether the lost or stolen laptops contained sensitive or classified information."
Last year, the Bush administration issued new recommendations for laptop encryption and other standards following computer security issues at a number of departments.
Earlier this year, a private group, the Cyber Security Industry Alliance, urged the government to increase efforts to improve information security. The group says that except for the Department of Veterans Affairs, "the federal government still has no requirement to notify individuals if their sensitive personal information has been compromised."
By Peter Maer
The nation's tax collector is being called to task for lax security that could compromise personal information on thousands of taxpayers.
"Hundreds of IRS laptop computers" and other devices have been lost or stolen, according to a report (.pdf) by the Treasury Department inspector general's office. Many were swiped from employees' vehicles and homes, but investigators also learned that more than a fifth of the devices were stolen from IRS offices.
"It is likely that sensitive data for a significant number of taxpayers have been unnecessarily exposed to potential identity theft" and other fraud, the report warns. "The Internal Revenue Service is not adequately protecting taxpayer data on laptop computers" and other devices.
The report also uncovered faulty encryption and password controls. The IRS annually processes more than 220 million tax returns. As any taxpayer knows, those returns include personal financial information and Social Security numbers. The IRS insists there have been no reports of identity theft linked to the missing laptops.
Investigators called for tighter security measures. The report noted the IRS has agreed to take "corrective actions."
The IRS is the latest federal agency to confront laptop security issues. Government investigators have found similar problems at other departments and offices, including the nation's top law enforcement agency, the FBI.
In February, the Justice Department's inspector general reported three or four FBI laptops are lost or stolen each month. The inspector general said it was "most troubling" that the FBI could not determine in many cases whether the lost or stolen laptops contained sensitive or classified information."
Last year, the Bush administration issued new recommendations for laptop encryption and other standards following computer security issues at a number of departments.
Earlier this year, a private group, the Cyber Security Industry Alliance, urged the government to increase efforts to improve information security. The group says that except for the Department of Veterans Affairs, "the federal government still has no requirement to notify individuals if their sensitive personal information has been compromised."
By Peter Maer
Popular Now in SciTech
- Apple iPad 3 rumors: thicker, sharper, coming soon
- Tesla's Model X: Finally, an electric car we all want
- Retro Duo will play your old Nintendo games
- Obama's 2012 campaign playlist now on Spotify
- FBI releases Steve Jobs background report
- iPad 3 mini on the way, says analyst
- Apple iPad 3 rumors resurface, sources say March release
- Apple iPhone 5 rumors, reports say June release
- Apple faces $1.6 billion iPad trademark lawsuit
- Hackers release Symantec pcAnywhere source code
- Facebook graffiti artist David Choe, from homeless to millions
- Apple supplier Foxconn hit by hackers
- Ethical iPhone 5 petitions head to Apple stores
- Google developing home entertainment system
- Apple iPad 3 rumors, let's get real
- Shocking Stats on Texting While Driving
- Scientists say online dating doesn't work
Latest CBS News Headlines
on Facebook
on CBS News
- For pregnant women with cancer, chemo possible
- Socialist leader urges vote for austerity measures
- Lawyer: 6 Austrians were injected with malaria
- Doctors telling more adults: Get out and exercise
on Facebook
- Adele sings a cappella for Anderson Cooper
- Beyonce and Jay-Z post first photos of Blue Ivy Carter
- Timothy Dolan: Birth control tweak a "first step"
on CBS News
