A programming error kept the IRS from notifying hundreds of thousands of identity theft victims about criminals using their Social Security numbers to get themselves jobs in 2017, according to an internal investigation.
Last year, more than half a million Americans had their identities used by others to get hired, but only first-time victims received a notification from the IRS, the Treasury Inspector General for Tax Administration found. As a result, nearly 460,000 previous victims of employment identity theft were left in the dark about their information getting stolen yet again.
“Most identified victims remain unaware that their identities are being used by other individuals for employment,” TIGTA wrote in its report.
This creates, in effect, a form a strict liability for an employee data leak (at least in the UK). If the ruling is upheld, Morrisons will face a massive legal liability and, without question, the remaining 94,500 employees will join the class action or file their own lawsuits. Further, it is possible that British regulators will follow the court’s ruling and impose heavy regulatory fines and penalties.