A government audit of Internal Revenue Service financial statements reveals deficiencies in security controls. The IRS has a comprehensive framework for its information security program, according to the GAO audit. The audit also uncovered deficiencies in the way the IRS uses passwords. The latest critique occurred in the wake of the breach of the IRS’s Get Transcript system in May (see IRS: Hack Much Wider Than First Thought) The IRS is one of many federal agencies that have failed to get a clean bill of health from auditors sizing up their security efforts.”]
Source: https://www.bankinfosecurity.com/gao-taxpayer-data-at-increased-risk-a-8685