IRS Data Security Still a Concern

Lucas123 writes "Computerworld has a story about the possibility and the potential ramifications of an IRS data loss similar to the UK's recent mishap. According to one World Bank executive, it could have already happened, 'and we don't know about it.' While the IRS does offer data encryption to its workers, more than half of its 94,000 employees have permission to take taxpayer information to locations outside the IRS offices. In the 2007 filing season, roughly 128 million individual tax returns were filed. In addition to the basic personal information on those forms, an IRS breach could also jeopardize the banking information of the 46% of filers who requested direct deposit refunds. This is not the first time that IRS security has been called into question, and the Department of Treasury's progress in that arena is dubious. [PDF]"

Re:Direct deposit

[Clomer]

I used to work for a check printing company, and I can tell you that the most common type of check fraud is where someone orders checks with someone else's routing and account information. If you have a person's income tax statement complete with name, address, and bank account information, then you have all you need to order fraudulent checks. Heck, you could even have your name printed on them, but have the fraudulent account number info on the checks. You'd be surprised how easy it would be to cash such a check.

Not that I would recommend it: we, at the check company, were taught certain red flags, things to watch for that may indicate a fraudulent order (and a good CSR won't let it on that they suspect you), and I won't go into those details here. And the penalties are pretty stiff if you are caught.