In her latest press conference, South Carolina Governor Nikki Haley claimed that one of the causes behind the Department of Revenue (DOR) security breaches was the fact that the Internal Revenue Service (IRS) did not require the encryption of social security numbers (SSN).
Haley explained that, besides the fact that the DOR lacked “dual verification” mechanisms to protect systems, the IRS shared part of the blame for not requesting the encryption of data.
However, according to
WMBF News, that allegation is incorrect because the agency does have a “long list of requirements for states to handle and protect federal tax information.”
“Protecting taxpayer data is our top priority at the IRS. We have many different systems with a variety of safeguards -- including encryption -- to protect taxpayer data. The IRS has in a place a robust cyber security of technology, people and processes to monitor IRS systems and networks,” IRS representatives have stated.
Furthermore, they highlight the fact that all states are required to follow both their standards and the ones imposed by the National Institute of Standards and Technology.