How do you get a secret username and password out of an IRS employee? … Just ask.

The IRS is fairly diligent when it comes to warning citizens about IRS-related phishing scams, IRS-related malware, and IRS-related rip-off artists. What they’ve needed to be doing, though, is warning us about IRS employees.
Turns out that the carelessness and gullibility of that bunch of nincompoops may represent at least as great a threat to the safety of taxpayers’ digital information as the phishers, virus writers and con men.
From an Associated Press report:
IRS employees ignored security rules and turned over sensitive computer information to a caller posing as a technical support person, according to a government study.
Sixty-one of the 102 people who got the test calls, including managers and a contractor, complied with a request that the employee provide his or her user name and temporarily change his or her password to one the caller suggested, according to the Treasury Inspector General for Tax Administration, an office that does oversight of Internal Revenue Service. The caller asked for assistance to correct a computer problem.
{This should be a warning sign to consumers who value the confidentiality and privacy of their health records.  If IRS employees turned over sensitive information to a caller pretending to be a computer support person, will Medicare and Medicaid employees do the same thing? If you believe you, and only you, own your health records and want Congress to act, contact your Senator and tell them to protect the privacy of your health records. ~ Dr. Deborah Peel, Patient Privacy Rights}

Leave a Reply

Your email address will not be published. Required fields are marked *