Social Engineering and the IRS

Apparently, over one-third of IRS employees happily provided their usernames and changed their passwords at the request of Treasury Department inspectors that posed as computer technicians.
Schneier < CNN


Personal note: Schneier recommends two-factor authentication. I happily agree, although biometrics would work splendidly also. Everyone knows that the government’s IT department is sorely some of the skills that corporate procedures introduce. Interesting that despite this, there hasn’t been more information theft. Hopefully someone is wising up to the internal government report by the Treasury department.