“Our testing of mock taxpayer data determined that the IRS network allowed uploads of taxpayer data to [redacted].”
IRS systems containing private taxpayer information can still be compromised, as documented in a heavily-redacted recent audit report from the official agency watchdog, the Treasury Inspector General for Tax Administration.
After the largest theft of private taxpayer data in IRS history, it appears the testers were trying to see if a thief could still steal IRS data using virtual machines, such as the type used by the convicted thief. Unfortunately, the report indicates this problem has not been solved.
Key sentence:
“Our testing of mock taxpayer data determined that the IRS network allowed uploads of taxpayer data to [redacted].”
A reasonable interpretation shows the testers exfiltrated mock data to a virtual machine and then moved the data to a personal device where it was accessed:
“However, we found that [redacted] to an [redacted] and [redacted] that [redacted] to a [redacted]. Once [redacted] was transmitted, we were able to [redacted] open it on a personal device, and read the data. In addition, following IRS approved methods for external [redacted] we were able to [redacted] and [redacted]. We were then able to [redacted].”
The report is titled, Actions Need to Be Taken to Improve the Data Loss Prevention Solution and Reduce the Risk of Data Exfiltration.
Screenshot excerpts are below. Judge for yourself.
Excerpt 1:
Excerpt 2:
Excerpt 3:
Excerpt 4: