Court filings show IRS mistakenly shared thousands of taxpayer records with DHS

Court filings and an agency declaration filed in federal court say the Internal Revenue Service erroneously shared taxpayer information for thousands of people with the Department of Homeland Security, in connection with a controversial data‑sharing agreement signed in April 2025 by Treasury Secretary Scott Bessent and Homeland Security Secretary Kristi Noem.

The filings, including a declaration by IRS Chief Risk and Control Officer Dottie Romo, say U.S. Immigration and Customs Enforcement submitted 1.28 million names and addresses to the IRS for cross‑verification against tax records. Romo’s declaration states the IRS was able to verify roughly 47,000 of those names, and that “for less than 5% of those individuals, the IRS gave ICE additional address information,” a disclosure the filings say potentially violated taxpayer‑privacy protections designed to safeguard confidential return information.

Romo told the court that Treasury notified DHS in January of the error and asked DHS to assist in mitigation, urging the department to “promptly taking steps to remediate the matter consistent with federal law,” including “appropriate disposal of any data provided to ICE by IRS based on incomplete or insufficient address information.” The filing does not specify whether the IRS plans to notify affected taxpayers, nor does it resolve whether the phrase “those individuals” refers to the 47,000 the agency verified or to the larger pool of names ICE initially provided.

The agreement and its implementation have already prompted litigation and judicial interventions. A Public Citizen lawsuit on behalf of immigrant‑rights organizations challenged the interagency pact shortly after it was executed, and federal judges have issued orders curbing the IRS’s ability to share residential addresses with immigration enforcement. A federal court last November blocked some information sharing after finding that the IRS had improperly disseminated migrants’ tax data the previous summer.

Privacy advocates warn of broad consequences when tax records are made available to immigration authorities. Tom Bowman, policy counsel for the Center for Democracy & Technology, said the episode illustrates systemic risk: “Once taxpayer data is opened to immigration enforcement, mistakes are inevitable and the consequences fall on innocent people,” he said. “The disclosure of thousands of confidential records unfortunately shows precisely why strict legal firewalls exist and have, until now, been treated as an important guardrail.”

The filings raise immediate policy and oversight questions. It is not clear how many individual records were actually transmitted to ICE, what categories of tax information were exposed, or whether DHS has completed the disposal steps sought by Treasury. The matter also prompted personnel upheaval inside the IRS; reports have tied the agreement to the resignations of senior agency officials, though the filings do not attach names or detail administrative discipline.

The episode echoes prior breaches that have complicated taxpayer redress and government transparency. In a previous major IRS data theft, the agency notified more than 400,000 taxpayers years after the loss and faced limited litigation from victims, underscoring how notification timing and legal remedies affect oversight and public trust.

Court dockets and the Romo declaration are now central to resolving the dispute. Plaintiffs in the pending litigation seek injunctive relief and greater limits on data sharing; courts will weigh whether agency safeguards were adequate and whether statutory confidentiality protections were breached. For lawmakers, agency leaders and privacy advocates, the filings underscore the stakes of interagency data sharing and the need for clear, enforceable controls before sensitive taxpayer data is used for immigration enforcement.