A report from the Treasury Inspector General for Tax Administration (TIGTA) published on Thursday, reveals major flaws in how the U.S. Internal Revenue Service (IRS) handles document safeguarding and destruction. Despite receiving billions in funding, the IRS has failed to secure sensitive taxpayer data.
The report, titled Improved Secure Document Safeguarding and Destruction Procedures Are Needed, reveals several alarming discoveries. Among the most shocking is that sensitive documents were thrown away in regular trash bins.
The report states:
"We found IRS employees were discarding sensitive documents with regular trash and recycling,"
In one IRS facility in Ogden, Utah, employees were told to throw sensitive documents in open containers, bypassing secure destruction procedures. The report explains:
"IRS management instructed employees at this facility to store sensitive documents in these open containers so employees didn’t have to leave their desks to throw the sensitive waste in the secured sensitive document destruction bins."
In one case, employees mocked the process by labeling a trash can “CLASSIFIED TRASH ONLY.”
The IRS is mocking you. pic.twitter.com/g8z0vOiNR0
— BrutalBrittany💕 (@BrutalBrittany2) December 27, 2024
The report also highlights that many of the bins used for holding sensitive documents before destruction were damaged or poorly maintained.
“We identified during our site visits that some bins were unlocked, altered, and/or damaged which permits direct access to the discarded sensitive documents."
Some bins had slots that were too large.
“our evaluators were able to reach their hands through the bin disposal slot and easily retrieve discarded sensitive documents.”
Another issue uncovered by TIGTA was a lack of training for IRS staff on how to handle sensitive documents.
The report states:
"The IRS has not established or communicated to personnel at its various facilities the standard operating procedures for sensitive document destruction to ensure uniformity and consistency."
Additionally, the IRS stopped conducting regular on-site inspections of disposal facilities. Without inspections, there’s no way to know whether the destruction protocols are being followed.
TIGTA wrote:
“The IRS no longer performs on-site inspections at facilities where sensitive documents are brought for destruction to ensure proper disposal,”
The report also criticizes the IRS for not budgeting for the right number of secure bins:
“Specifically, the IRS did not: Determine the optimal number, type and/or size of bins needed at its facilities.”
IRS staff alerted TIGTA that a vendor's recent change in billing methods was costing taxpayers double for the same service.
“Concerns were brought to Office of Audit personnel from IRS staff at two tax processing centers that this billing change resulted in the IRS paying twice as much per month for sensitive document destruction."
Perhaps most troubling is the IRS’s failure to monitor its spending on document destruction. TIGTA found billing discrepancies, where the IRS had paid for more bins than were actually retrieved. IRS staff also alerted investigators that a billing change had led to the agency paying double for document destruction services.
"Our review of invoices paid for October 2023 identified charges for more bins than reported by the vendor as being retrieved for destruction."
Despite receiving tens of billions of dollars for modernization under the Biden administration, the IRS claimed it didn’t have the resources to conduct necessary inspections. To be clear, The IRS, under the Inflation Reduction Act, received about $60 billion to rebuild its workforce and modernize its IT systems over the next decade.
"Officials cited a lack of resources as to why these on-site inspections are no longer conducted."
TIGTA’s report follows other high-profile security issues at the IRS, including the 2024 breach by IRS contractor Charles Littlejohn. Littlejohn accessed and leaked the tax returns of President Donald Trump, along with other high-profile individuals.
Littlejohn was sentenced to five years in prison, and the IRS issued an apology as part of a lawsuit settlement. Still, the breach raised questions about the IRS’s ability to protect sensitive information.
Read More:
IRS Consultant Pleads Guilty to Leaking Tax Return Info, Including Donald Trump's
SOLD! Trump Taps Auctioneer and Former MO Congressman Billy Long to Lead Key Agency
TIGTA’s findings are another major blow to an agency already struggling with data security. As this latest report reveals, the IRS is failing taxpayers in one of its most basic responsibilities: safeguarding private financial data.
The agency’s negligence goes beyond poor management—it mocks the very people it is meant to protect. Throwing documents into regular trash, failing to maintain secure bins, and ignoring security protocols sends a clear message: taxpayers are at risk, and the IRS doesn’t seem to care. The agency is not only putting your data in harm's way but also ripping you off with ineffective, wasteful practices.
The IRS must act now. Without immediate reforms, it risks further breaches, deepening public distrust, and losing any remaining credibility. But the question remains: Will the agency take this seriously, or will it continue to disregard the very concept of security while your private information is left in the trash?
