In a chilling reminder of the frailty of security, WaPo is reporting that US Treaury Department inspectors posing as help desk workers were able to get username and password info from more than 1/3 of the 100 IRS workers tested.

This is the most rudimentary of social engineering attacks, and news that is bound to give Kevin Mitnick consulting and speaking work for a very long time ….