IE 11 Not Supported

For optimal browsing, we recommend Chrome, Firefox or Safari browsers.

South Carolina Must Release More Data Breach Info, Lawmakers Say

While the Haley administration says it has released all the breach-related data it can, many say the state is hiding embarrassing information.

South Carolina officials are facing even more scrutiny after one of the largest government security breaches in recent memory. Gov. Nikki Haley's administration released an abbreviated report last month outlining the high-level findings of how the security breach was initiated, but some legislators and members of the press said the state is hiding information it is required to share, the Post and Courier reported.

South Carolina officials said they have shared enough data, but some said the state could be hiding embarrassing information. “The only thing that’s not a public record is [information related to] security plans and devices,” Press Association Attorney Jay Bender told the Post and Courier. “The rest of the information must be made public.”

The state's Revenue Department said all the information they can release has already been released and cited a state law that states “Information relating to security plans and devices proposed, adopted, installed, or utilized by a public body, other than amounts expended for adoption, implementation, or installation of these plans and devices, is required to be closed to the public and is not considered to be made open to the public under the provisions of this act.”

The firm hired by the state to conduct the investigation into the breach said their reports are very detailed and not fit for public release because they could facilitate further attacks. But some, like Sen. Tom Davis said the Revenue Department needs to provide a more detailed explanation of why information is being withheld, given the public's interest in the breach.

The breach, which was first detected in October, resulted in millions of residents having their social security numbers and financial information released into the hands of a hacker or group of hackers.

Photo courtesy of Shutterstock