Business

Lawmakers ask IRS if its systems were compromised in SolarWinds hack

Two key House lawmakers are seeking answers from the Internal Revenue Service (IRS) about whether any of the agency’s systems were compromised as part of a massive cyberattack.

“We believe that it is important to provide taxpayers with a full understanding of the extent of the SolarWinds Orion compromise to maintain confidence in the federal tax system,” Reps. Bill Pascrell (D-N.J.) and Mike Kelly (R-Pa.) — the chairman and ranking member, respectively, of the House Ways and Means Committee’s oversight subcommittee — wrote in a letter Friday to IRS Commissioner Charles Rettig.

“We also request that you provide a bipartisan briefing on these matters as soon as possible,” the lawmakers added.

Media outlets have reported that several federal agencies were breached as part of a hack on IT company SolarWinds. The attack is widely believed to have been carried out by a Russian military group.

The Treasury Department, which the IRS is a part of, is one of the departments that reportedly was breached. 

The Cybersecurity and Infrastructure Security Agency has directed federal agencies to examine their networks for indications of any compromise.

Pascrell and Kelly asked the IRS if any of the agency’s systems were compromised, when any compromise occurred, when the agency first learned of any compromise and what the agency has done to secure their systems against a future breach.

The lawmakers also asked if the IRS’s older IT systems are more or less vulnerable to being compromised than those that have been updated, and they asked when the IRS plans to inform Congress about the extent to which any taxpayer information was stolen.

Pascrell and Kelly also sent a separate letter to Treasury Inspector General for Tax Administration J. Russell George, seeking a briefing about what his office knows about any compromise to IRS systems.

The letters from Pascrell and Kelly come after the leaders of the Senate Finance Committee on Thursday pressed the IRS for a briefing about whether any taxpayer information was compromised in the SolarWinds hack.