recommended reading

Threatwatch

Employee brings home thumb drive detailing 20,000 IRS colleagues

Insider attack; Unauthorized use of employer’s data

An inspector general report from last fall warned that a data loss prevention system designed to detect and prevent potential unauthorized transfers of information “was not in place.”

“The information dates to 2007, before the IRS started using automatic encryption,” Bloomberg reports.

Tax agency officials were told of the breach “a few days ago,” IRS Commissioner John Koskinen said in a message to employees. Personnel were notified on 3/18.

The Social Security numbers, names and addresses of employees and contractors were potentially made public, because the thumb drive was plugged into the worker’s “unsecure home network,” Koskinen’s message added.

IRS systems holding data on hundreds of millions of taxpayers were not affected, according to Bloomberg.

The IRS is contacting the personnel affected, most of whom worked in Pennsylvania, Delaware and New Jersey.  

The agency is unaware of any information being used for identity theft.

The IRS is working with its inspector general to probe the incident, according to Bloomberg.

Last fall’s IG report also noted that the agency was not capturing logs to track who was using administrator privileges to access servers, firewalls and routers. “Without an effective system for the capture and review of administrator activity, accountability for actions taken on equipment cannot be established and unauthorized activity may go undetected,” the report stated.

The Bloomberg article did not indicate what year the compromise occurred.

ThreatWatch is a regularly updated catalog of data breaches successfully striking every sector of the globe, as reported by journalists, researchers and the victims themselves. 

sector

Government (U.S.)

reported

March 18, 2014

reported by

Bloomberg

number affected

20,000 employees

location of breach

United States

perpetrators

Employee

location of perpetrators

United States

date breach occurred

Unknown

date breach detected

March 2014