The IRS has signed a fraud-prevention contract with Equifax, the firm that could not prevent one of the biggest security breaches in history, in which hackers compromised their databases and exposed 145.5 million Americans to identity theft.
The credit agency was awarded the $7.25 million contract to “verify taxpayer identity” and “assist in ongoing identity verification and validations,” according to text of the agreement posted in the Federal Business Opportunities database on Sept. 30.
The contract was labeled a “sole source order,” meaning that the IRS considered Equifax the only company capable of providing the work.
The decision drew quick and sharp bipartisan protest.
“In the wake of one of the most massive data breaches in a decade, it’s irresponsible for the IRS to turn over millions in taxpayer dollars to a company that has yet to offer a succinct answer on how at least 145 million Americans had personally identifiable information exposed,” Senate Finance Chairman Orrin Hatch (R-UT) told Politico.
Added the committee’s ranking member, Sen. Ron Wyden (D-OR): “The Finance Committee will be looking into why Equifax was the only company to apply for and be rewarded with this. I will continue to take every measure possible to prevent taxpayer data from being compromised as this arrangement moves forward.”
In a statement, the IRS replied that Equifax told them that no IRS info was compromised in the breach, and that the company had provided similar services to the IRS in the past. “Following an internal review and an on-site visit with Equifax, the IRS believes the service Equifax provided does not pose a risk to IRS data or systems,” the statement reads. “At this time, we have seen no indications of tax fraud related to the Equifax breach, but we will continue to closely monitor the situation.”
In September, the credit-reporting agency revealed that hackers accessed the data of more than 145 million Americans, including social security numbers. Equifax was then heavily criticized for its attempts to right the situation, which included an offer of free credit-monitoring coverage seemingly limiting consumers’ right to sue.
In response to last month’s IRS contract signing, Reps. Suzan DelBene (D-WA) and Earl Blumenauer (D-OR) have sent letters to IRS Commissioner John Koskinen demanding that he justify his decision.
“I was initially under the impression that my staff was sharing a copy of the Onion, until I realized this story was, in fact, true,” wrote Blumenauer.
