Right now, as you’re sending the IRS just about everything there is to know about you, it remains highly vulnerable to hackers and cyberattacks.

And the agency has no intention of doing anything about it.

A new report by the nonpartisan Government Accountability Office (GAO) found that the IRS has “has not effectively implemented elements of its information security program.” As a result, these deficiencies will leave the sensitive personal and financial data of millions of taxpayers “unnecessarily vulnerable to inappropriate and undetected use, modification, or disclosure.”

The GAO issued 43 detailed recommendations for the IRS to patch these vulnerabilities and protect taxpayers. The IRS’s response? The usual excuses and evasions. ‘We’ll think about it’ isn’t good enough. The agency should immediately take steps to implement these recommendations and report back to Congress with its progress.

Republicans have put in place a series of reforms to prevent IRS targeting and increase the agency’s transparency. This includes everything from making political targeting a firing offense to preventing IRS employees from using their personal email addresses to conduct official business. These reforms will make a difference, but it’s up to the IRS to show good faith and demonstrate a commitment to change its culture of impunity. Here, the agency won’t even own up to its problems—again.

That’s why we will continue to exercise vigorous oversight to help ensure the IRS adopts all 43 GAO recommendations. Hardworking taxpayers need assurances that the IRS will do everything possible to protect their personal information—and we are committed to giving Americans that peace of mind.

Ryan to the IRS: You Work for the Taxpayer

A reminder for the IRS → you work for the taxpayer, not the other way around.

Posted by Speaker Paul Ryan on Thursday, March 31, 2016