Large-scale IRS tax data breach leads to a public apology from IRS. The Ken Griffin’s Data Leak Suit has now ended up in settlement.
The Internal Revenue Service (IRS) issued a public apology on June 25th to billionaire Ken Griffin and thousands of other Americans, including former President Donald Trump and Tesla CEO Elon Musk, whose confidential tax data was leaked by an IRS contractor between 2018 to 2020.
Charles Littlejohn, a 38-year-old former IRS contractor, accessed taxpayers’ sensitive personal information through an IRS database between 2018-2020.
He uploaded tax returns of wealthy individuals to a private website to circumvent the IRS’s security measures aimed at preventing mass downloads or uploads.
Littlejohn then saved copies of the tax returns on multiple storage devices and leaked the data to media outlets, providing Trump’s tax info to the New York Times and data on Griffin and Musk to ProPublica.
Citadel CEO Ken Griffin Sues IRS Over ‘Unlawful’ Tax Data Leak
Ken Griffin, the founder and CEO of hedge fund Citadel, filed a lawsuit against the IRS to ensure the protection of taxpayers’ sensitive tax data in the wake of the tax data leaks. Griffin was one of thousands of wealthy Americans targeted in the large-scale IRS tax data breach by the rogue contractor.
The suit aimed to get the IRS to acknowledge its failure to prevent the “unlawful disclosure” of Griffin’s confidential tax information and commit to meaningful investment and reform to strengthen safeguards of personal taxpayer data.
IRS Acknowledges failures led to tax data leak and issues public apology
As part of a settlement agreement in Griffin’s lawsuit, the IRS issued a public apology recognizing its responsibility and failure to protect taxpayer information that allowed Littlejohn’s “criminal conduct and unlawful disclosure.”
The IRS assured Griffin and other victims that it has significantly increased investments in data security systems and is addressing security vulnerabilities identified by the Treasury Inspector General for Tax Administration. The agency committed to continued work to bolster protections and prevent such incidents going forward.
Legal representative says case achieved goal of protecting taxpayer data
Citadel attorney Brooke Cucinella commented that Griffin’s legal action achieved the “exact result” sought of getting the IRS to acknowledge past failures and dedicate resources to safeguarding Americans’ private tax records.
The attorney noted the IRS was told for years about security issues but failed to act until facing litigation. Griffin’s high-profile case and resources were able to get the IRS to admit fault and make binding commitments on cybersecurity upgrades crucial for all taxpayers.
The Ken Griffin’s Data Leak Suit shows how lax data security practices can end up having major consequences for enterprise businesses and government agencies. Going forward it would be essential for IRS to show its commitment through its actions by increasing efforts to strengthen its security posture.