US Internal Revenue Service 2014 Misuse (Q15289)
From Open Risk Manual
A data breach risk event
Language | Label | Description | Also known as |
---|---|---|---|
English | US Internal Revenue Service 2014 Misuse |
A data breach risk event |
Statements
9A8C1D63-AB1A-4187-9A50-CFB89154EFC4
January 2014
0 references
The United States Internal Revenue Service (IRS) has suffered a data breach in which the personal details of 20,000 employees have been exposed. The incident is a result of an employee mishandling an unencrypted thumb drive, not a malicious attack from outside the organization. In a statement regarding the incident, the IRS has revealed that the thumb drive contained the details of employees. The information dates back to 2007 or earlier. No taxpayer information has been exposed and the IRS is confident that this has been an isolated incident. The incident stems from an employees use of an unencrypted thumb drive and does not involve a third-party breach of any of our systems. This was not a problem with our network or systems, but rather an isolated instance. We are working cooperatively (English)