You’d think the US Internal Revenue Service would be the one organisation you can trust with your personal information. Think again. Thanks to a cock-up, the agency just put tens of thousands of the numbers out on the internet for anyone and everyone to see. Fantastic.
It seems that when the IRS went to upload a bunch of records on the non-profit industry, some unfortunate soul simply forgot to redact the thousands of identifying numbers. Fortunately, the error was spotted by Public.Resource.Org, which likes to publish these kind of records, and the offending list of nine-digit numbers has already been removed. Still, it’s disquieting to know they were out there at all, and who knows who saw them.
There have been worse breaches, like when the state of North Carolina got hacked out of 3.6 Social Security Numbers. But it hurts to see the IRS — an agency that trades in these things by its very nature — compromise a bunch through sheer digital incompetence; no hackers necessary. [Boing Boing via The Daily Dot]