The IRS has backed out of a controversial multimillion-dollar contract with credit reporting agency Equifax amid concerns that the corporation should not be awarded any federal funds after it leaked sensitive data belong to hundreds of millions of people in an enormous data breach.
In a breach that stretched from mid-May through July, hackers gained unprecedented access to the person information belonging to 143 million consumers after Equifax â€“ one of the nationâ€™s three major credit reporting agencies â€“ failed to properly protect and secure that data.
Despite the breach, Equifax was awarded a $7.25 million no-bid contract from the IRS to verify taxpayer identities and help prevent fraud, with the government agency deeming Equifax the only company able to provide the service.
Congress immediately questioned the move: â€śIn the wake of one of the most massive data breaches in a decade, itâ€™s irresponsible for the IRS to turn over millions in taxpayer dollars to a company that has yet to offer a succinct answer on how at least 145 million Americans had personally identifiable information exposed,â€ť said Senate Finance Chairman Orrin Hatch (R-UT).
Sen. Sherrod Brown (D-OH) echoed the condemnation: â€śSuspending the IRS contract is only the first step. We cannot know taxpayers are protected until Equifax is banned from all federal contracts.â€ť
On Friday, the IRS released a statement announcing that it had suspended the contract as a â€śprecautionary stepâ€ť pending a further look at Equifaxâ€™s security apparatus.
â€śDuring this suspension, the IRS will continue its review of Equifax systems and security,â€ť the agency said. â€śThere is still no indication of any compromise of the limited IRS data shared under the contract.â€ť
Also on Friday, Equifax maintained that it is â€śthe best party to perform the services required in this contractâ€ť and noted that it is â€śengaging IRS officials to review the facts and clarify available options.â€ť