South Carolina Breach Compromises Millions of Records

The South Carolina Department of Revenue (DOR) is in the unenviable position of being the latest government agency to suffer a large-scale cyberattack that left millions of customer records vulnerable. The DOR, which serves the state’s population of more than 4.6 million, is now in recovery mode following a series of attacks by hackers on its computer system. The attacks, which date back to August, exposed 3.6 million Social Security numbers, as well as credit and debit card information supplied to the agency by state taxpayers.

IT officials in the state informed the DOR of suspicious activity on Oct. 10. According to a press release issued by the DOR, officials acted upon advice from law enforcement and engaged Virginia-based Mandiant, a global information security firm. The contractor is helping investigate the incidents, secure the system, deploy new software and related equipment, and modify access policies. Intelligence gathered since the discovery suggests that following several attempts to access the system, hackers successfully obtained taxpayer data in mid-September.

People who filed a tax return in South Carolina since 1998 should call 1-866-578-5422 or visit Experian’s Protect My ID website to see if their information was exposed as a result of the DOR breach.

A remedy commonly offered by organizations to customers whose data is hacked is being replicated by state officials in South Carolina: one year of credit monitoring and identity protection services, paid for by the state.

Cyberattack in South Carolina: By the Numbers Current population of South Carolina: 4.6 million Social Security numbers compromised: 3.6 million Total number of credit and debit cards exposed: 387,000 Number of exposed cards that are unencrypted: 16,000

In addition, officials encourage affected citizens to review their credit reports at regular intervals, and add fraud alerts and security freezes with the three major credit bureaus. Credit or debit account holders should also get their cards reissued, change account passwords and vigilantly review statements for unauthorized charges.

"From the first moment we learned of this, our top priority has been to protect the taxpayers and the citizens of South Carolina, and every action we’ve taken has been consistent with that priority," said Department of Revenue Director James Etter in a news release. "We have an obligation to protect the personal information entrusted to us, and we are redoubling our efforts to meet that obligation."

The DOR attack is the second time this year that a government agency in South Carolina has suffered from a major breach. In April, more than 225,000 Medicaid records were transferred by a South Carolina Department of Health and Human Services employee to a personal email account.

Attempts to interview a DOR official were unsuccessful, but Gov. Nikki Haley and Law Enforcement Division Chief Mark Keel held news conferences about the breach Oct. 29 and Oct. 26.