Tuesday, May 13, 2025
Follow us On Linkedin
HomeData BreachIRS Data Leak - Over 120,000 User Data Leaked

IRS Data Leak – Over 120,000 User Data Leaked

Data Breach

Published on

By Gurubaran
IRS Data Leak

Supply Chain Attack Prevention

SIEM as a Service

Follow Us on Google News

It has been discovered that over 120,000 taxpayers‘ confidential information was accidentally leaked by the IRS (Internal Revenue Service). As part of their tax returns, all of these individuals filed a form 990-T.

Unrelated business income is reported through IRS Form 990T to tax-exempt entities like:-

  • Nonprofits (charities)
  • IRA retirement accounts
  • SEP retirement accounts

An individual retirement account is an account that pays income from investments such as real estate and sales that are unrelated to the core purpose of the nonprofit or from sales that are unrelated to that purpose.

- Advertisement - Google News

Data Exposure

Normally, when a taxpayer submits these forms to the IRS, the IRS is the only organization that is able to see them. Despite this, non-profit organizations must retain their Form 990-T for a period of three years after they are filed.

Recently, the Internal Revenue Service discovered that the bulk download section of the TEOS now allows users to download data in a machine-readable format (XML) for Form 990-T.

Approximately 120,000 taxpayer records were exposed by the data leak, including an array of personal information, such as:-

  • Names
  • Contact information
  • Reported financial income data (Within those IRAs)

Moreover, these are some of the things that were not included in the exposure:-

  • Social Security numbers
  • Full individual income information
  • Other data that could affect a taxpayer’s credit

The mistake was discovered in recent weeks by an IRS employee who works in the research department. The data was removed as a result of a more comprehensive investigation that triggered a broader inquiry.

Furthermore, the IRS will begin notifying affected taxpayers as soon as possible within the coming weeks. 

Due to aging information-technology systems, the IRS has had to deal with challenges for quite some time. Consequently, there have been instances in which private taxpayer information has been disclosed as a result.

Secure Azure AD Conditional Access – Download Free White Paper

Gurubaran
Gurubaran
Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.

Latest articles

cyber security

PoC Exploit Published for macOS Sandbox Escape Vulnerability (CVE-2025-31258)

Security researchers have disclosed a new macOS sandbox escape vulnerability tracked as CVE-2025-31258, accompanied...
cyber security

Four Hackers Caught Exploiting Old Routers as Proxy Servers

U.S. authorities unsealed charges against four foreign nationals accused of operating a global cybercrime...
cyber security

F5 BIG-IP Vulnerability Allows Remote Command Execution

Critical security vulnerability in F5 BIG-IP systems has been discovered that allows authenticated administrators...
Cyber Attack

Scattered Spider Launches Supply Chain Attacks on UK Retail Organizations

Scattered Spider, also known as Roasting 0ktapus and Scatter Swine, has emerged as a...

Resilience at Scale

Why Application Security is Non-Negotiable

The resilience of your digital infrastructure directly impacts your ability to scale. And yet, application security remains a critical weak link for most organizations.

Application Security is no longer just a defensive play—it’s the cornerstone of cyber resilience and sustainable growth. In this webinar, Karthik Krishnamoorthy (CTO of Indusface) and Phani Deepak Akella (VP of Marketing – Indusface), will share how AI-powered application security can help organizations build resilience by

Discussion points


Protecting at internet scale using AI and behavioral-based DDoS & bot mitigation.
Autonomously discovering external assets and remediating vulnerabilities within 72 hours, enabling secure, confident scaling.
Ensuring 100% application availability through platforms architected for failure resilience.
Eliminating silos with real-time correlation between attack surface and active threats for rapid, accurate mitigation

Register Now

More like this

cyber security

Repeated Firmware Key-Management Failures Undermine Intel Boot Guard and UEFI Secure Boot

The security of fundamental technologies like Intel Boot Guard and UEFI Secure Boot has...
Cyber Attack

Cyberattackers Targeting IT Help Desks for Initial Breach

Cybercriminals are increasingly impersonating IT support personnel and trusted authorities to manipulate victims into...
cyber security

Nomad Bridge Hacker Apprehended in Connection with $190 Million Heist

Alexander Gurevich, a 47-year-old dual Russian-Israeli citizen, was arrested last Thursday at Ben-Gurion Airport...

GBHackers on Security is a top cybersecurity news platform, delivering up-to-date coverage on breaches, emerging threats, malware, vulnerabilities, and global cyber incidents.

Company

Trending

Categories

Copyright @ 2016 - 2025 GBHackers On Security - All Rights Reserved