During a House committee hearing on Thursday, legislators questioned Internal Revenue Service (IRS) Commissioner John Koskinen about measures taken to improve the agency’s cybersecurity methods.
During an opening statement at the House Committee on Science, Space and Technology hearing, Chairman Lamar Smith (R-Texas) said, “The IRS has not taken the necessary steps to ensure that individuals are who they claim to be before handing over Americans’ confidential tax information.”
The discussion came after three days of testimony by Koskinen about cybersecurity measures his agency has taken to remedy its weak information security practices.
The IRS has come under fire after its taxpayer information retrieval system, called “Get Transcript,” was breached for a four-month period last year. The agency disclosed the breach in May 2015, announcing that taxpayer information of more than 100,000 Americans was compromised.
The agency increased its estimate of the number of accounts affected in August 2015, stating that the breach affected more than 300,000 taxpayers.
Immediately before the committee hearing, Speaker of the House Paul Ryan’s (R-Wis.) office published a blog post questioning the agency on its cybersecurity readiness and timeline for implementing recommendations made by the Government Accountability Office (GAO) report.
“What is the holdup? Why not pledge to do these things now?” Michael Shapiro, Ryan’s communications advisor, wrote in the blog post.
Koskinen addressed the lawmakers’ concerns during the committee hearing. “There has been some question about why we didn’t immediately sign on to the most recent ones, but the process is we are supposed to advise Congress within 60 days of a detailed timeline,” he said. “We’re limited by time and resources, but we are committed in the security area to implement those as quickly as we can.”