WASHINGTON—The Internal Revenue Service inadvertently posted what is normally confidential information involving about 120,000 individuals before discovering the error and removing the data from its website, officials said Friday.
The data are from Form 990-T, which is often required for people with individual retirement accounts who earn certain types of business income within those retirement plans. That typically includes people whose IRAs are invested in master limited partnerships, real estate or other assets that generate income, not those whose IRAs are solely invested in securities.
More to Know About Taxes, the IRS
The disclosures included names, contact information and financial information about income within those IRAs. It didn’t include Social Security numbers, full individual income information or other data that could affect a taxpayer’s credit, the Treasury Department determined, according to a letter that the administration is sending to key members of Congress on Friday.
Like most individual tax filings to the IRS, those forms are supposed to be confidential. But charities with so-called unrelated business income are also required to file Form 990-T, and those filings are supposed to be open to the public.
The IRS and Treasury Department blamed a human coding error that happened last year when Form 990-T began to be electronically filed. The nonpublic data was mistakenly included with the public data and all of it was available for searching and downloading on the agency’s website. The Wall Street Journal, which routinely analyzes nonprofit tax filings, downloaded at least some of the data before its removal.
An IRS research employee discovered the mistake in recent weeks, triggering a broader inquiry and leading to the removal of the data. As required under federal law governing major information-security incidents, the IRS notified Congress on Friday. Affected taxpayers will be notified in the coming weeks.
“The IRS is continuing to review this situation,” Anna Canfield Roth, the Treasury Department’s acting assistant secretary for management, told lawmakers in Friday’s letter. “The Treasury Department has instructed the IRS to conduct a prompt review of its practices to ensure necessary protections are in place to prevent unauthorized data disclosures.”
The IRS has long struggled with aging information-technology systems and occasional instances of private taxpayer information being released.
Last year, the news organization ProPublica published tax data about many of the wealthiest and highest-income Americans, triggering investigations. So far, it is unknown where that data came from.
—Andrea Fuller and Laura Saunders contributed to this article.
Write to Richard Rubin at [email protected]
Copyright ©2022 Dow Jones & Company, Inc. All Rights Reserved. 87990cbe856818d5eddac44c7b1cdeb8
Appeared in the September 3, 2022, print edition as ‘IRS Says It Exposed Some Taxpayer Data.’