IRS offers security assurances

Despite a critical report revealing security gaps in the Internal Revenue Service's electronic filing system, the IRS is confident that the problems have been fixed, and the system is being upgraded.

A report from the General Accounting Office last week stated that government investigators were able to hack into the IRS computer system last year and access Social Security numbers and other sensitive information from electronically filed tax returns.

But IRS Commissioner Charles Rossotti, in a letter to GAO, assured auditors that the tax agency has worked hard to fix the flaws in its e-filing system.

Rossotti said that the IRS has increased its security program in the past 10 months and improved its infrastructure. The IRS also is working to create a better computer security incident reporting system and better detection of intrusions, he said.

"To put it simply, taxpayers can feel safe and secure using e-filing during the 2001 filing season. We have strengthened our systems' security, and we will remain vigilant to keep our e-filing process the safest possible," Rossotti said.

GAO said its hackers were able to gain access because the IRS had not used adequate password management practices or encryption technology for online transactions.

Although Rossotti said the IRS had no evidence that real break-ins had occurred, the GAO report said that the tax agency did not have the right system in place to detect intrusions.

"The road to a secure e-filing system still has a lot of potholes in it," said Pete Sepp, spokesman for the National Taxpayers Union, a watchdog group.

"One of the reasons why e-tailers have had trouble attracting customers is the fear of security. That translates doubly so to tax filing. If you are concerned about turning over your credit card number, imagine the fear over sensitive tax data being compromised," he said.