The IRS award of a $7.25 million no-bid contract to Equifax after a hack of the credit reporting and data services company that exposed personal information on as many as 145 million Americans “just doesn’t add up,” according to Sen. Chuck Grassley.
“Given recent Equifax breach the IRS needs 2make clear &demonstrate that taxpayer information is safe if doing biz w Equifax,” the Iowa Republican wrote Wednesday on Twitter.
“Not only was I surprised, but I was sitting with a senator in Judiciary (Committee) today that was told that by another senator and he said, ‘You got to be kidding,’” Grassley said during his weekly call with Iowa reporters.
The IRS termed the contract a “sole source order,” meaning Equifax is the only company able to provide the service. It was awarded on the final day of the federal fiscal year to prevent a lapse in identity checks while the agency resolves a dispute over a separate contract. According to the contract, Equifax will verify taxpayer identity and assist in ongoing taxpayer verification and validations.
Given Equifax’s recent track record, Grassley said he and other members of Congress are concerned.
In September, Equifax reported a cybersecurity breach that potentially compromised personal information, including Social Security numbers, of more than 145 million Americans. Equifax is one of three major credit reporting bureaus and its data is used to determine credit ratings for mortgages, car loans, credit cards and other financial instruments.
In expressing his concern, Grassley cited an IRS code section guaranteeing the privacy of sensitive information taxpayers submit.
“Yeah, we ought to be more concerned about it,” Grassley said. noting the cybersecurity breach and the potential for a similar hack of IRS data are both concerns.
“It’s wrong either way,” he said.
Both Republicans and Democrats have voiced similar concerns. One House member initially thought the report was from The Onion, a parody news site.
Sen. Orrin Hatch, R-Utah, chairman of the Finance Committee that Grassley serves on, expressed concern that the IRS lacks the cybersecurity needed to safeguard taxpayer information.