Read the Beforeitsnews.com story here. Advertise at Before It's News here.
Profile image
By The St. Louis Tea Party (Reporter)
Contributor profile | More stories
Story Views
Now:
Last hour:
Last 24 hours:
Total:

Congressional Committee questions US Dept of Ed and IRS over Data Breach

Wednesday, May 3, 2017 17:17
% of readers think this story is Fact. Add your two cents.


It hasn’t made the news much, maybe because the US Department of Education never told anyone, including Congress, and still refuses to call it a breach. But officials agree, there has been a data breach, possibly affecting 100,000 taxpayers. The breach stems from the IRS Data Retrieval Tool which imported tax information for the Free Application Federal Student Aid (FAFSA) on the US Department of Education’s website.  The IRS knew about this vulnerability in October 2016 but left the tool online and operational. *Important to note that some citizens who have recently received notification in the mail that their data was compromised in this breach, have not even used this FAFSA tool.

NOTE FROM MEW–Before we delve into the hearings, we want to remind you that the USDoE has also received failing FITARA security score (with 400 repeat incidents).  Given the track record of failing security, NOT reporting a breach, WHY should they continue to receive ANY student information, much less push for EXPANSION of data collection, a “pinterest of student data” ,  NATIONAL STUDENT TRACKING DATABASE?     We think parents should be able to consent before their child’s data is shared, marketed, profiled outside of the school. If you agree, join us in asking Congress and President Trump to put parents back in control.  Fix FERPA.

THE BREACH

Today, the Chief Information Officers of both USDoE and IRS were grilled for over 4 hours by legislators from the House Oversight Committee. According to a published report in The Hill,

Rep. Jim Jordan (R-Ohio) said that the IRS only notified Congress of the breach in the public testimony in April, more than a month after confirming that there was suspicious activity on the tool.

Jordan and Rep. Gerry Connolly (D-Va.) indicated that the lack of notification could constitute a violation of the Federal Information Security Modernization Act.

“The breach at the Department of Education is something that we’ve been warning about on this committee for quite some time,” Connolly said. “The Department of Education holds data on 139 million individuals.”

“It seems like it was incumbent on the Department of Education to inform us in a timely fashion,” Connolly said. “I think it’s in violation of the law. I know we’re going to pursue that more.”

Reviewing the FAFSA Data Breach

The House Oversight Committee hearing can be seen here, and highlights, witness testimony posted by the Committee are below.

TAKEAWAYS:

  • The Department of Education (the Department) refuses to recognize this as a “data breach” and has not implemented solutions to fix the vulnerabilities.
  • The Treasury Inspector General for Tax Administration witness testified that individuals involved in prior criminal activity against the Internal Revenue Service (IRS) were also involved in this exploitation of the Free Application for Federal Student Aid and the Data Retrieval Tool (DRT).
  • In September of 2016, the IRS identified vulnerabilities with its DRT and did not take immediate action to encrypt and secure sensitive data.
  • FISMA requires that agencies notify Congress of a “major incident” within seven days of detection. The Department and the IRS failed to meet this legal obligation and notified Congress 38 days after the incident.

PURPOSE:

  • To examine operational and cybersecurity decisions made by the Department and the IRS regarding the security breach of the DRT.

BACKGROUND:

  • In March 2017, the Department and the IRS shut down the DRT on FAFSA.gov and StudentLoans.gov when hackers gained access to taxpayers’ adjusted gross incomes, which criminals can use to file fraudulent tax returns.
  • IRS warned the Department about this security vulnerability as early as October 2016; they continued to discuss the problem for several months until suspicious use had risen to the level that a shutdown was required.
  • Initial estimates show 120,000 taxpayers’ information impacted, and the administration of financial aid processing has been disrupted.

KEY VIDEOS:

Rep. Jody Hice (R-GA): “It appears to me at the end of the day you’re either in denial of what happened or you’re incompetent or you’re just untruthful in what’s happening here . . . the abuse that’s been inflicted on American citizens by the IRS is inexcusable and its time that there’s accountability and some change that takes place at the IRS.”

frameborder=”0″>

Chairman Mark Meadows (R-NC): At what point are we going to get [notifying Congress of data breaches] right? Because we continue to have breaches . . .and yet what happens is we’re always coming in after the fact to look at this.

frameborder=”0″>

Rep. Paul Michell (R-MI): “When you’ve got something as important as personal information from the amount of students you have, the moment in time that you think your data has been breached you have . . . a moral if not legal responsibility to notify Congress. That’s a lot of information and it wasn’t done, and its not the first time it wasn’t done.”

frameborder=”0″>

Witnesses and testimonies

Name Title Organization Panel Document
Mr. James W. Runcie Chief Operating Officer Office of Federal Student Aid, Department of Education Document
Mr. Jason K. Gray Chief Information Officer Department of Education Document
The Honorable Ken Corbin Deputy Commissioner Wage and Investment Division, Internal Revenue Service Document
Ms. Gina Garza Chief Information Officer Internal Revenue Service Document
Mr. Tim Camus Deputy Inspector General Treasury Inspector General for Tax Administration

https://oversight.house.gov/hearing/reviewing-fafsa-data-breach/

Cheri Kiesecker

Let’s block ads! (Why?)


Source: http://feedproxy.google.com/~r/StLouisTeaParty/~3/PpboHPB3tG8/


Before It’s News® is a community of individuals who report on what’s going on around them, from all around the world.

Anyone can join.
Anyone can contribute.
Anyone can become informed about their world.

"United We Stand" Click Here To Create Your Personal Citizen Journalist Account Today, Be Sure To Invite Your Friends.

Please Help Support BeforeitsNews by trying our Natural Health Products below!


Order by Phone at 888-809-8385 or online at https://mitocopper.com M - F 9am to 5pm EST

Order by Phone at 866-388-7003 or online at https://www.herbanomic.com M - F 9am to 5pm EST

Order by Phone at 866-388-7003 or online at https://www.herbanomics.com M - F 9am to 5pm EST


Humic & Fulvic Trace Minerals Complex - Nature's most important supplement! Vivid Dreams again!

HNEX HydroNano EXtracellular Water - Improve immune system health and reduce inflammation.

Ultimate Clinical Potency Curcumin - Natural pain relief, reduce inflammation and so much more.

MitoCopper - Bioavailable Copper destroys pathogens and gives you more energy. (See Blood Video)

Oxy Powder - Natural Colon Cleanser!  Cleans out toxic buildup with oxygen!

Nascent Iodine - Promotes detoxification, mental focus and thyroid health.

Smart Meter Cover -  Reduces Smart Meter radiation by 96%! (See Video).

Report abuse

    Comments

    Your Comments
    Question Razz Sad Evil Exclaim Smile Redface Biggrin Surprised Eek Confused Cool LOL Mad Twisted Rolleyes Wink Idea Arrow Neutral Cry Mr. Green

    MOST RECENT
    Load more ...

    SignUp

    Login

    Newsletter

    Email this story
    Email this story

    If you really want to ban this commenter, please write down the reason:

    If you really want to disable all recommended stories, click on OK button. After that, you will be redirect to your options page.