December 17,2020
WASHINGTON
– Senate Finance Committee Chairman Chuck Grassley (R-Iowa) and Senate Finance
Committee Ranking Member Ron Wyden (D-Ore.) today requested
IRS Commissioner Chuck Rettig provide an immediate briefing on whether taxpayer
data was compromised in the SolarWinds hack.
Grassley, Wyden Request Immediate IRS Briefing on Whether Taxpayer Data Was Compromised in SolarWinds Hack
WASHINGTON
– Senate Finance Committee Chairman Chuck Grassley (R-Iowa) and Senate Finance
Committee Ranking Member Ron Wyden (D-Ore.) today requested
IRS Commissioner Chuck Rettig provide an immediate briefing on whether taxpayer
data was compromised in the SolarWinds hack.
“The
IRS appears to have been a customer of SolarWinds as recently as 2017. Given
the extreme sensitivity of personal taxpayer information entrusted to the IRS,
and the harm both to Americans’ privacy and our national security that could
result from the theft and exploitation of this data by our adversaries, it is
imperative that we understand the extent to which the IRS may have been
compromised,” the senators wrote. “It is also critical that we
understand what actions the IRS is taking to mitigate any potential damage,
ensure that hackers do not still have access to internal IRS systems, and
prevent future hacks of taxpayer data.”
Text
of the letter
follows:
We
write to express our deep concern about recent reports that several federal
government agencies have been compromised by sophisticated hackers. According
to these reports, this hacking operation is historic in scope, and has
seemingly affected not only the Treasury Department, of which the Internal
Revenue Service is the largest bureau, but the Commerce Department, State
Department, Department of Homeland Security, National Institutes of Health, and
parts of the Pentagon.
On
Sunday, the Cybersecurity and Infrastructure Security Agency (CISA) issued
Emergency Directive 21-01. According to CISA, SolarWinds Orion products are
currently being exploited by malicious actors, presenting a “high potential for
compromise of agency information systems,” and a successful compromise would
have a “grave impact” on federal networks. Agencies have been instructed by
CISA to immediately power down SolarWinds Orion products and then hunt for
signs of further compromise
The
IRS appears to have been a customer of SolarWinds as recently as 2017. Given
the extreme sensitivity of personal taxpayer information entrusted to the IRS,
and the harm both to Americans’ privacy and our national security that could
result from the theft and exploitation of this data by our adversaries, it is
imperative that we understand the extent to which the IRS may have been
compromised. It is also critical that we understand what actions the IRS is
taking to mitigate any potential damage, ensure that hackers do not still have
access to internal IRS systems, and prevent future hacks of taxpayer data.
We
request an immediate briefing on the IRS’ efforts to discover whether its
systems were breached, and if they were, whether sensitive taxpayer information
was stolen.
Next Article Previous Article