Senators Ask IRS Whether Taxpayer Data Hit in SolarWinds Hack

(Bloomberg) -- The top lawmakers on the Senate Finance Committee want a briefing from the IRS about whether taxpayer files were breached in the cyber-attack on multiple federal agencies.

Senate Finance Chairman Chuck Grassley and Ron Wyden, the committee’s top Democrat, sent a letter to Internal Revenue Service Commissioner Chuck Rettig on Thursday requesting information about the integrity of taxpayer data and how officials are mitigating any potential damage from the hack linked to Russia.

“Given the extreme sensitivity of personal taxpayer information entrusted to the IRS, and the harm both to Americans’ privacy and our national security that could result from the theft and exploitation of this data by our adversaries, it is imperative that we understand the extent to which the IRS may have been compromised,” the senators wrote in the letter.

U.S. government agencies were attacked as part of a global campaign orchestrated by hackers believed to be tied to the Russian government, according to U.S. officials. The hackers were reported to have installed a malicious vulnerability in software from Texas-based SolarWinds Corp., whose customers include top government agencies and Fortune 500 companies.

The IRS appears to have been a customer of SolarWinds as recently as 2017, the letter said.

All federal civilian agencies were ordered by the U.S. Cybersecurity and Infrastructure Security Agency to review their networks and disconnect or power down SolarWinds’s Orion software products immediately.

The IRS has long been a target for cyber attacks because of the wealth of private data it has on American households and businesses. The agency suffered a large-scale attack in 2015, when the data for approximately 700,000 taxpayers was stolen.

©2020 Bloomberg L.P.