Reports issued to the Senate Finance Committee by a governmental watchdog reveal that the Internal Revenue Service has failed to upgrade its systems to fend off digital attacks, making the recent theft of 104,000 taxpayer details more straightforward than it should have been.
On Tuesday, the Treasury Inspector General for Tax Administration J. Russell George told the Committee that "it would have been much more difficult if they had implemented all of the recommendations we made." It came to light last week that Russian hackers were behind the data breach, which allowed them to steal the tax returns of over 100,000 US citizens.
Ever year, the Washington Post reports, George's team audits the IRS to assess its security systems. As of March this year, a list of 44 upgrades suggested to the organisation remained uncompleted — ten of which are now three years old. They included security patches to close loopholes that could be exploited.
Insiders apparently claim that the lack of updates is due to declining funds within the IRS, which has had its total budget cut by $US1 billion since 2010. Apparently internal budgets for cybersecurity itself fell to $US149 million from $US187 million in 2011, according to the newspaper. Perhaps this is a sound warning that skimping on online security is no longer a sensible option. [Washington Post]