Perspective | IRS apology in Trump-related case reveals agency’s shoddy tax security (2024)

When an Internal Revenue Service contractor embarrassed the agency by leaking confidential information in 2019, attention focused on Donald Trump, who had broken presidential campaign tradition by not revealing his tax records.

But the potential damage went far beyond the president and a few other wealthy Americans whose IRS files were leaked to the New York Times and ProPublica. The leak fueled stories showing how Trump and other mega-wealthy Americans for years paid little or no income tax.

The theft also revealed the private tax data of more than 80,000 people and businesses. That further exposed long-standing IRS cybersecurity shortcomings, a problem plaguing much of government.

IRS officials, pushed by a lawsuit filed by Citadel CEO Kenneth Griffin, apologized to him and the other taxpayers through a news release last week.

Advertisement

“The Internal Revenue Service sincerely apologizes to Mr. Kenneth Griffin and the thousands of other Americans whose personal information was leaked to the press,” the statement said. “The agency believes that its actions and the resolution of this case will result in a stronger and more trustworthy process for safeguarding the personal information of all taxpayers.”

For Griffin, a billionaire Republican megadonor who took no money in the settlement, the case was about accountability, not damages. The leaked taxes showed that Griffin, far from a tax dodger, was the second-largest tax payer in the country from 2013 to 2018.

His statement said he is “grateful to my team for securing an outcome that will better protect American taxpayers and that will ultimately benefit all Americans.”

The IRS confirmed to The Washington Post that 80,000 people and businesses have been affected by the leak, but did not include that figure in its announcement. Although the IRS informed victims through letters that their information was compromised, the apology was communicated only through the news release.

Advertisement

In May, the agency told affected taxpayers that “we do not know — at least not at this point — the full scope of the specific information that Mr. Littlejohn unlawfully disclosed” and that there was “no indication thus far that any of this information” was illegally shared beyond the two news organizations.

When Charles P. Rettig was IRS commissioner two years ago, he downplayed the notion that the tax data was stolen from the agency. He told the Senate Finance Committee there was no indication “that it was actually stolen from the IRS.” Now, after being pressed to do the right thing, the apology from the IRS “acknowledges that it failed to prevent Mr. Littlejohn’s criminal conduct and unlawful disclosure of Mr. Griffin’s confidential data.”

The apology comes after the January sentencing of Charles E. Littlejohn, a former IRS contractor in the District, to five years in prison for leaking the documents. His testimony in the lawsuit reveals how raggedy IRS cybersecurity was.

Advertisement

In a March videotaped deposition, the former Booz Allen Hamilton government-contracting firm employee said, “I was able to access tax returns at will.” He uploaded the records to a private website, “then, on a separate computer, I could log in and download the data.”

To those affected, it might sound like closing the barn door after the horse escaped, but an agency email to The Post said “this incident was simply unacceptable … and it is completely at odds with the IRS’s values and the agency’s commitment to taxpayers. IRS Commissioner Danny Werfel has taken aggressive action to enhance data security to ensure, to the fullest extent feasible, that nothing like the Littlejohn incident from several years ago can happen again in the future.”

That action includes “10 key areas” of enhanced taxpayers’ protection listed in a May 10 IRS document. They include restricting “the number of people with access to the most sensitive taxpayer data sets,” adding “additional firewalls between key taxpayer information and the rest of the IRS,” reducing “dramatically … users’ ability to connect removable media, such as thumb drives, to IRS computers,” and logging “any printing of personal or sensitive tax information … for IRS cybersecurity use.”

Advertisement

Government Accountability Office (GAO) officials first designated government-wide cybersecurity as a high-risk area in 1997, and IRS information security problems were documented well before the Littlejohn exposures. A 2011 GAO audit said despite some progress, “information security weaknesses … continue to jeopardize the confidentiality, integrity, and availability of financial and sensitive taxpayer information.” Just last week, GAO warned that without “a guidance structure to better protect taxpayer information … it is unclear how IRS will adapt to changing security threats in the future and ensure those threats are mitigated.”

The Treasury Inspector General for Tax Administration (TIGTA), which conducted the criminal investigation into Littlejohn, reported last year that 21 percent of IRS contractors were delinquent in their required annual privacy awareness training, increasing the risk that they are not prepared to handle taxpayer information. The inspector general will issue a memorandum this month summarizing previously identified IRS data security systemic issues. A TIGTA statement also said it is reviewing how IRS notified taxpayers of the records theft and “confirming whether IRS has ongoing efforts to continue to identify any additional victims of the disclosure.”

In February, TIGTA reported security shortcomings, including “procedures to systemically remove” access to IRS programs for people who no longer require it “were not always working as intended.” The inspector general also discovered 19 contractors who “retained their access to one or more sensitive systems” after unfavorable reports in their most recent background investigations.

Advertisement

As the lawsuit progressed, Griffin’s team was increasingly “horrified at the lack of security and precautions that the IRS takes with people’s confidential information,” Brooke Cucinella, Citadel’s global head of litigation and regulatory inquiries, said during an interview. But the settlement was just what they wanted because it “goes back to them [IRS officials] taking it seriously and committing publicly to investing and fixing these weaknesses and these vulnerabilities.”

But “it shouldn’t take a high-profile lawsuit to extract an apology from an agency that violated Americans’ privacy — and we are awaiting more information on how the IRS plans to prevent this from ever happening again,” House Ways and Means Chairman Jason T. Smith (R-Mo.) said. “The ease and brazenness at which Charles Littlejohn stole and then disclosed confidential financial information for political gain proves change is needed.”

And while “an apology is always nice,” Cucinella said, “an apology with nothing behind it would have been … empty.”

“This always was about accountability.”

Perspective | IRS apology in Trump-related case reveals agency’s shoddy tax security (2024)

FAQs

Who appoints the head of the IRS? ›

Commissioners are nominated by the president and confirmed by the Senate. The IRS Commissioner and the IRS Chief Counsel are the only appointees within the agency. All other employees are career civil servants. Since the IRS Restructuring and Reform Act of 1998, commissioners have been appointed to a five-year term.

How many people work for the IRS? ›

Download Table Data
StateIRS Workers
California3,200
Maryland2,300
Utah2,200
Georgia2,000
47 more rows

What does the IRS do? ›

The IRS role is to help the large majority of compliant taxpayers with the tax law, while ensuring that the minority who are unwilling to comply pay their fair share.

What does the IRS commissioner do? ›

More In Our Agency

Danny Werfel serves as the 50th Commissioner of the Internal Revenue Service. As Commissioner, he presides over the nation's tax system, which collects approximately $4.1 trillion in tax revenue each year representing about 96% of the total gross receipts of the United States.

Who is the only US President ever to visit the IRS headquarters? ›

It was the start of a historic effort that led to greater stability and peace in the world. President Kennedy – by the way – is the only President to ever visit the IRS headquarters.

Who is in control of the IRS? ›

The IRS is led by the Commissioner and Deputy Commissioner who oversee the organization's operating divisions and integrated support functions.

How much does a IRS agent make? ›

Irs Agent Salary
Annual SalaryMonthly Pay
Top Earners$100,000$8,333
75th Percentile$70,500$5,875
Average$61,639$5,136
25th Percentile$37,500$3,125

How much does IRS pay employees? ›

How much does IRS in California pay? The average IRS salary ranges from approximately $43,638 per year for Customer Service Representative to $142,273 per year for Senior Economist. Average IRS hourly pay ranges from approximately $18.25 per hour for Tax Examiner to $31.98 per hour for Technician.

How much does the IRS make a year from taxes? ›

During Fiscal Year (FY) 2023, the IRS collected nearly $4.7 trillion in gross taxes, processed almost 271.5 million tax returns and other forms, and issued about $659.1 billion in tax refunds.

Does the IRS check your bank accounts? ›

The IRS probably already knows about many of your financial accounts, and the IRS can get information on how much is there. But, in reality, the IRS rarely digs deeper into your bank and financial accounts unless you're being audited or the IRS is collecting back taxes from you.

How many years can you go without filing taxes? ›

Additionally, you have to consider the state you live in. For example, if you live in California, they have a legal right to collect state taxes up to 20 years after the date of the assessment!

What is the largest deduction from your paycheck? ›

Perhaps the most widely recognized type of mandatory deductions are federal and state payroll taxes, even though most states technically consider them to simply be taxes instead of "deductions." At the federal level, the biggest deductions go towards Social Security and Medicare taxes, which were originally created by ...

What is the number one most requested form from the IRS? ›

Form 1040 is used by U.S. taxpayers to file an annual income tax return.

Why does the IRS have so much power? ›

Pursuant to section 7801, the Secretary of Treasury has full authority to administer and enforce the internal revenue laws and has the power to create an agency to enforce such laws. Based upon this, the Internal Revenue Service was created.

Who investigates the IRS? ›

IRS Criminal Investigation (CI) serves the American public by investigating potential criminal violations of the Internal Revenue Code and related financial crimes in a manner that fosters confidence in the tax system and compliance with the law.

How much does the head of the IRS make? ›

What are Top 10 Highest Paying Cities for Commissioner Of Internal Revenue Jobs
CityAnnual SalaryWeekly Pay
Santa Monica, CA$129,656$2,493
Daly City, CA$127,975$2,461
Boston, MA$126,156$2,426
Wausau, WI$125,834$2,419
6 more rows

Who does the IRS chief counsel report to? ›

Under the IRS Restructuring and Reform Act of 1998, the Chief Counsel reports to both the IRS Commissioner and the Treasury General Counsel. Attorneys in the Chief Counsel's Office serve as lawyers for the IRS.

Who controls the US Treasury? ›

Janet Yellen is the Secretary of the Treasury.

How much does the IRS cost to run each year? ›

Historically, IRS annual appropriations have remained largely consistent when adjusted for inflation, and budgets have been generally stable for at least the last two decades. In 2004, the agency's budget was $10.4 billion; in 2014, about $12 billion; in 2022, $12.6 billion.

References

Top Articles
Latest Posts
Recommended Articles
Article information

Author: Pres. Lawanda Wiegand

Last Updated:

Views: 5465

Rating: 4 / 5 (71 voted)

Reviews: 86% of readers found this page helpful

Author information

Name: Pres. Lawanda Wiegand

Birthday: 1993-01-10

Address: Suite 391 6963 Ullrich Shore, Bellefort, WI 01350-7893

Phone: +6806610432415

Job: Dynamic Manufacturing Assistant

Hobby: amateur radio, Taekwondo, Wood carving, Parkour, Skateboarding, Running, Rafting

Introduction: My name is Pres. Lawanda Wiegand, I am a inquisitive, helpful, glamorous, cheerful, open, clever, innocent person who loves writing and wants to share my knowledge and understanding with you.