recommended reading

IRS Illegally Gave Taxpayer Data to the FBI in 2010, Republicans Say

Rena Schild/

The IRS sent the FBI a huge database containing sensitive taxpayer information on nonprofit conservative groups, possibly in violation of federal law, House Republicans allege. The lawmakers claim the transfer was part of an intentional effort to potentially probe the organizations for illegal campaign activities.  

The IRS confirmed the data leak, but FBI officials were unaware of it being used in any investigations. 

Oversight and Government Reform Committee members on Monday said they were notified by the Justice Department last week about the privacy breach, which occurred in 2010. It is not clear whether the IRS knew the records were confidential at the time.

“This revelation that the IRS sent 1.1 million pages of nonprofit tax-return data – including confidential taxpayer information – to the FBI confirms suspicions that the IRS worked with the Justice Department to facilitate the potential investigation of nonprofit groups engaged in lawful political speech," the lawmakers wrote on Monday, in a letter to the IRS commissioner seeking more information about the matter.

The database was stored on 21 disks, they said. 

Emails between former IRS official Lois Lerner and Richard Pilger, director of Justice's Election Crimes Branch, discuss formatting preferences and indicate the file dump was deliberate. 

On Oct. 5, 2010, Lerner wrote, “Do you know if they would like the images in Alchemy or Raw format? The difference is, Alchemy you need to search ion one of the 5 index fields where Raw format, you load into your own software and you can do what ever you want to with it.”

Pilger on Oct. 6, replied, "Thanks Lois – FBI says Raw format is best because they can put it into their systems like Excel.”

As of June 2, Justice believed the IRS data was public information, committee members said. 

But on Wednesday, Justice “notified the committee that the 21 disks do, in fact, contain nonpublic confidential taxpayer information protected by federal tax law," Monday’s letter stated. Justice officials could not tell the committee which documents of the 1.1 million pages contained privileged taxpayer information, the lawmakers said. 

Tax agency officials on Monday confirmed the disks contained confidential information that should have been removed. 

When IRS got back the disks from Justice ten days ago, "we identified immediate issues with 33 tax returns, out of more than 12,000 returns stored on the discs, that included some nonpublic information," the officials said in a statement. The disks in question, which are publicly accessible, "can sometimes inadvertently include material that should have been redacted."

The majority of the 33 groups referenced in the files "do not appear to have any connection to political activity," officials added.   

A Justice official said FBI employees only read an index from the disks, not any of the other data. As far as they know, neither the FBI nor the department used the disks for any investigative purposes. After learning the disks contained protected information, Justice returned its disk copies to the IRS and recommended that the committee do the same, the official added.

Documents about the alleged compromise were uncovered during the committee's ongoing investigation into the IRS targeting right-leaning groups.

Reports of unintentional data breaches and malicious hacks have spiked governmentwide during the past four years, federal auditors say. Cyber incidents, which include data loss and privacy breaches, increased by nearly 36 percent, from 34,048 in fiscal 2010 to 46,160 in fiscal 2013, according to the Government Accountability Office. 

The alleged IRS compromise affected tax-exempt 401(c)(4) organizations that are subject to restrictions on political activity.  

“The IRS apparently considered political speech by nonprofit groups to be so troublesome that it illegally assisted federal law-enforcement officials in assembling a massive database of the lawful political speech of thousands of American citizens, weeks before the 2010 midterm elections, using confidential taxpayer information," committee members said. 

Lerner was recently found in contempt of Congress for refusing to testify before the committee. 

When asked whether the tax agency's internal watchdog, the Treasury Inspector General for Taxpayer Administration, would investigate the potential data breach, TIGTA spokesman David Barnes said, "We don’t have any information on this issue."

(Image via Rena Schild/

Threatwatch Alert

Stolen credentials

Hackers Steal $31M from Russian Central Bank

See threatwatch report


Close [ x ] More from Nextgov

Thank you for subscribing to newsletters from
We think these reports might interest you:

  • Data-Centric Security vs. Database-Level Security

    Database-level encryption had its origins in the 1990s and early 2000s in response to very basic risks which largely revolved around the theft of servers, backup tapes and other physical-layer assets. As noted in Verizon’s 2014, Data Breach Investigations Report (DBIR)1, threats today are far more advanced and dangerous.

  • Featured Content from RSA Conference: Dissed by NIST

    Learn more about the latest draft of the U.S. National Institute of Standards and Technology guidance document on authentication and lifecycle management.

  • PIV- I And Multifactor Authentication: The Best Defense for Federal Government Contractors

    This white paper explores NIST SP 800-171 and why compliance is critical to federal government contractors, especially those that work with the Department of Defense, as well as how leveraging PIV-I credentialing with multifactor authentication can be used as a defense against cyberattacks

  • Toward A More Innovative Government

    This research study aims to understand how state and local leaders regard their agency’s innovation efforts and what they are doing to overcome the challenges they face in successfully implementing these efforts.

  • From Volume to Value: UK’s NHS Digital Provides U.S. Healthcare Agencies A Roadmap For Value-Based Payment Models

    The U.S. healthcare industry is rapidly moving away from traditional fee-for-service models and towards value-based purchasing that reimburses physicians for quality of care in place of frequency of care.

  • GBC Flash Poll: Is Your Agency Safe?

    Federal leaders weigh in on the state of information security


When you download a report, your information may be shared with the underwriters of that document.