Treasury Cancels Booz Allen Hamilton Contracts After Massive Tax Data Leak
The U.S. Department of the Treasury announced on Monday the termination of all contracts with consulting firm Booz Allen Hamilton following a major breach involving the leak of sensitive tax information. The decision comes after former IRS contractor Charles Edward Littlejohn, who worked for Booz Allen, was sentenced in 2024 to five years in prison for disclosing confidential tax records including those of former President Donald Trump to media outlets.
Between 2018 and 2020, Littlejohn provided stolen tax data to The New York Times and ProPublica, an act prosecutors described as "unparalleled in the IRS's history." The breach exposed records belonging to approximately 406,000 individuals, though the Treasury’s statement did not explicitly mention Trump’s leaked returns.
Treasury Secretary Scott Bessent stated that the cancellation was necessary to "increase Americans' trust in government," citing Booz Allen’s failure to implement adequate safeguards for sensitive taxpayer data. The department had 31 active contracts with the firm, totaling $4.8 million in annual spending and $21 million in total obligations.
Court documents revealed that Littlejohn intentionally sought the contractor role to access Trump’s tax returns, using his technical skills to extract data without detection. At his sentencing in January 2024, he acknowledged his actions, stating, "I used my skills to systematically violate the privacy of thousands of people." Booz Allen Hamilton has not yet commented on the termination.
Source: https://www.cbsnews.com/news/treasury-department-booz-allen-hamilton-trump-tax-leak/
Booz Allen Hamilton cybersecurity rating report: https://www.rankiteo.com/company/booz-allen-hamilton
Internal Revenue Service cybersecurity rating report: https://www.rankiteo.com/company/irs
U.S. Department of the Treasury cybersecurity rating report: https://www.rankiteo.com/company/us-treasury
"id": "BOOIRSUS-1769454012",
"linkid": "booz-allen-hamilton, irs, us-treasury",
"type": "Breach",
"date": "1/2018",
"severity": "100",
"impact": "5",
"explanation": "Attack threatening the organization's existence"{'affected_entities': [{'customers_affected': '406,000 individuals',
'industry': 'Public Sector',
'location': 'United States',
'name': 'U.S. Department of the Treasury',
'size': 'Large',
'type': 'Government Agency'},
{'industry': 'Defense and Government Contracting',
'location': 'United States',
'name': 'Booz Allen Hamilton',
'size': 'Large',
'type': 'Consulting Firm'}],
'attack_vector': 'Insider Threat',
'data_breach': {'data_exfiltration': 'Yes',
'number_of_records_exposed': '406,000',
'personally_identifiable_information': 'Yes',
'sensitivity_of_data': 'High (confidential taxpayer '
'information)',
'type_of_data_compromised': 'Tax records'},
'date_publicly_disclosed': '2024-01-01',
'description': 'The U.S. Department of the Treasury terminated all contracts '
'with Booz Allen Hamilton following a major breach involving '
'the leak of sensitive tax information by a former IRS '
'contractor. The breach exposed records of approximately '
'406,000 individuals, including those of former President '
"Donald Trump, and was described as 'unparalleled in the IRS's "
"history.'",
'impact': {'brand_reputation_impact': 'Loss of trust in government and '
'contractor',
'data_compromised': 'Sensitive tax records',
'financial_loss': '$21 million (total contract obligations)',
'identity_theft_risk': 'High',
'operational_impact': 'Termination of contracts with Booz Allen '
'Hamilton',
'systems_affected': 'IRS tax record systems'},
'initial_access_broker': {'high_value_targets': 'Former President Donald '
"Trump's tax returns"},
'investigation_status': 'Completed (sentencing of threat actor)',
'lessons_learned': 'Need for improved safeguards and monitoring of '
'contractors with access to sensitive data',
'motivation': 'Intentional disclosure to media outlets',
'post_incident_analysis': {'corrective_actions': 'Termination of contracts '
'with Booz Allen Hamilton',
'root_causes': 'Inadequate safeguards for '
'sensitive data, insider threat '
'exploitation'},
'recommendations': 'Enhance insider threat detection, implement stricter '
'access controls, and conduct regular audits of contractor '
'activities',
'references': [{'source': 'U.S. Department of the Treasury'},
{'source': 'Court Documents'},
{'source': 'The New York Times'},
{'source': 'ProPublica'}],
'regulatory_compliance': {'legal_actions': 'Criminal prosecution of Charles '
'Edward Littlejohn'},
'response': {'communication_strategy': 'Public statement by Treasury '
'Secretary',
'containment_measures': 'Termination of contracts',
'law_enforcement_notified': 'Yes'},
'stakeholder_advisories': 'Public statement by Treasury Secretary Scott '
'Bessent',
'threat_actor': 'Charles Edward Littlejohn',
'title': 'Treasury Cancels Booz Allen Hamilton Contracts After Massive Tax '
'Data Leak',
'type': 'Data Breach',
'vulnerability_exploited': 'Inadequate safeguards for sensitive data'}