The Recent IRS Breach and How We Can Act to Secure Personal Data

I am very concerned about the recent IRS announcement that hackers gained access to past tax returns of more than 100,000 people. For information about the breach and how you can protect yourself, please visit the official IRS website.

While the investigation is ongoing, signs suggest that these records were breached using data stolen during previous hacks of private sector and government databases.

Over the past decade, almost one billion records with personal information have been compromised -- things like Social Security numbers, birth dates, address and even tax filing status. In many cases, those breaches were not highly sophisticated, and in some cases, consumers were never made aware that their information was compromised. As the IRS hack reminds us, those data breaches have very real consequences.

Americans have a right to the security of their personal information, and the entities that hold personal information have a responsibility to protect it.

The Commerce, Manufacturing, and Trade Subcommittee -- where I serve as the top Democrat -- has been considering legislation regarding data breach. As I have consistently stated, that legislation must require entities holding sensitive data to adequately protect it, and to notify users or customers in the event of a breach. Had both of those requirements been in place, the IRS breach might not have been as effective or wide-ranging as it was. I will continue to work to enact legislation that prioritizes data security.

In the coming weeks, the IRS will also analyze what enhanced security measures would make it more difficult for criminals to access tax records with stolen data. I look forward to learning where the agency will go from here to better protect personal information and avoid errors in payment.