Senate Finance Committee leadership requested on Thursday an immediate briefing on whether the SolarWinds hack affecting federal government networks compromised taxpayers’ personal data.
Finance Committee Chairman Charles E. Grassley, Iowa Republican, and the committee’s top Democrat Sen. Ron Wyden of Oregon wrote to IRS Commissioner Charles Rettig to learn whether sensitive taxpayer information was stolen by hackers.
“The IRS appears to have been a customer of SolarWinds as recently as 2017. Given the extreme sensitivity of personal taxpayer information entrusted to the IRS, and the harm both to Americans’ privacy and our national security that could result from the theft and exploitation of this data by our adversaries, it is imperative that we understand the extent to which the IRS may have been compromised,” Mr. Grassley and Mr. Wyden wrote.
“It is also critical that we understand what actions the IRS is taking to mitigate any potential damage, ensure that hackers do not still have access to internal IRS systems, and prevent future hacks of taxpayer data,” they wrote.
SolarWinds is a Texas-based software company that counts many government agencies as users, and the hack of its software is widely suspected to be attributable to Russia.
The senators’ letter to Mr. Rettig noted that the breach of the software seemingly not only affected the Treasury Department, which contains the IRS, but also the Commerce Department, State Department, Department of Homeland Security, National Institutes of Health and parts of the Pentagon.
The federal government is still working to understand what the hackers accomplished, and the effort is being led by the FBI, Office of the Director of National Intelligence, and the Cybersecurity and Infrastructure Security Agency.