According to news reports, the U.S. Secret Service learned that South Carolina’s (SC) Department of Revenue (DOR) system was hacked. After a series of investigation conducted by Mandiant, a private electronic security firm hired by the agency in light of the recent hacker attack, it was found out that the attack was said to have exposed some 387,000 credit and debit card numbers and 3.6 million social security numbers.
The stolen data included some information that people share with their tax returns like names, addresses, and taxpayer identification number. Unfortunately, most of those data had not been encrypted, which means that the hacker could readily view them without the need of any accessing code.
Moreover, the attack possibly affects anyone who has filed a tax return in South Carolina from 1998 up until the days prior to the discovery of the said security breach.
Apparently, the attack had occurred as early as August this year, but was only discovered last October 10. Moreover, after it was discovered, it took some 10 days more to close the hacker’s access and another six days to inform the public.
The State Law Enforcement Division Chief, Mark Keel said that the IP address used by the hacker appears to be foreign in nature.
Meanwhile, taxpayers are not yet properly notified of the issue since agents need some more time to determine exactly how much data have been compromised and who precisely are currently at risk of having their identities stolen.
Also, it is not yet known how the security breach has affected taxpayers and how the hacker might have used the data, whether it is for identity fraud or simply for exposure.
Meanwhile, the state’s Revenue Department has provided a toll-free phone line and a website for taxpayers who might have been affected by the hacking attack. In fact, the system was said to be overwhelmed by hundreds of thousands of phone calls, according to the agency’s spokesperson, Samantha Cheek.
Incidentally, this is not an issue that has something to do with South Carolina alone. This is definitely an issue that the other 49 states will have to face since it could likewise happen to any other states in the U.S.
Apparently, this will now serve as challenge to every state’s cyber security defense, according to a Los Angeles disability lawyer.
