The IRS has been hacked. Over 100,000 taxpayer’s old returns were simply given to hackers upon request when they supplied personal information to an online request form on the IRS website – information that was probably gleaned from other sources outside the IRS.
The old returns make it easier for hackers to submit fake returns to collect people’s refunds…this year, next year and forever.
This breach is truly scary for a number of reasons. First it’s the frickin’ IRS! Only the Pentagon and the White House should have higher security. No, our power grid and airlines and infrastructure should have higher security. No, ALL of our government agencies should have the best damned security on the planet!
Second, it’s the frickin’ IRS! They are the number one least likely government agency to care about people or to help them or make restitutions or take actions quickly (apart from the legislative, executive or judicial branches of government…or FEMA or the department of the interior or…well, it doesn’t matter who is the least likely to serve or protect us but I’d still put the IRS at the top of the list.)
Third, you can’t just reset your social security number if it is stolen or compromised. They simply don’t issue new numbers. It’s not like changing your email or other account passwords or even changing your phone number. Yet your social security number is the equivalent of a password when it comes to dealing with the government or any number of agencies.
Finally, this highlights the fact that our own government simply doesn’t get it. They don’t understand the current state of cybersecurity. They don’t understand who is attacking them. They don’t understand how to protect themselves and therefor they can’t protect us, the citizens of the United States.
Maybe there are a few government agencies who do get it (I almost hate to say it but the NSA and FBI spring to mind) but it has become painfully obvious that they aren’t sharing what they know with anyone else. They should be sharing resources not hiding them from each other.
I’m sure the NSA and perhaps a few other agencies have some of the brightest anti-cybercrime experts in the world (and if they don’t they should hire them NOW). Perhaps it’s time for someone to create a special department to systematically audit and fix every single government agency’s systems to seal as many security holes as possible. It should be part of their charter. To insure the cybersecurity preparedness of our entire government. Spend a billion dollars or whatever it costs, but get it done NOW! And by ‘NOW’ I don’t mean ‘over the coming years.’ It should be done over the next few months – no matter what the cost.
The cyberwars have already started and our government simply doesn’t know how to deal with it. Get a clue you morons! Buy a clue if you can’t come up with one on your own. Don’t fuck it up the way you do just about everything else. This issue is simply too important and too dangerous.