Government SPLOST 7 | | | Editor

Report: S.C. hacker breached Revenue Department system via 2 vulnerabilities

  • Follow Metro

COLUMBIA — The hacker who reportedly accessed millions of South Carolina tax returns apparently breached state databases via two different paths, according to an official with an information-security firm hired by the state.

Marshall Heilman of Mandiant said the attacker tricked a user in the Department of Revenue’s system into opening a file that then allowed the hacker to access the system, according to a report Wednesday from The Post and Courier of Charleston.

The hacker was able to get into the system because the agency was using unsecured, third party-software, Heilman said. Using a stolen credential, Heilman says the hacker remotely accessed the agency database and stole the information.

South Carolina hired Mandiant last month after learning that more than 3.6 million tax returns going back as far as 1998 had been improperly accessed on a Department of Revenue server. Officials later said that about 657,000 business returns were also hacked, and Revenue officials told The State newspaper that the number of hacked returns had risen to 3.8 million.

Jim Etter, the director of the Department of Revenue, told state senators in a hearing last month that about 250 employees had credentials to access the database. Nearly 700,000 people have signed up for free credit monitoring because of the hacking incident.

Agency officials also said that the Department of Revenue hired a public relations firm to help manage its communications after the breach. The department says it is paying $160,000 to Chernoff Newman, saying the agency does not have the resources to do all that is legally required after the breach, such as place ads telling taxpayers how they can get help.

Chernoff Newman was hired just before an Oct. 26 news conference in which state officials publicly disclosed the breach, according
to Revenue spokeswoman Samantha Cheek.

Chernoff Newman also helped state Health and Human Services officials earlier this year after an internal breach by an employee in which more than 228,000 Medicaid records were improperly accessed.

The leader of the South Carolina Association of Taxpayers questioned the Revenue Department’s spending records, telling the Post and Courier that the money would have been better spent preventing the breach in the first place.

“Why should these agencies be allowed to hire PR firms when they make a mistake?” asked Don Weaver, the group’s president.

Comments (3) Add comment
ADVISORY: Users are solely responsible for opinions they post here and for following agreed-upon rules of civility. Posts and comments do not reflect the views of this site. Posts and comments are automatically checked for inappropriate language, but readers might find some comments offensive or inaccurate. If you believe a comment violates our rules, click the "Flag as offensive" link below the comment.
my.voice 11/08/12 - 07:35 am
And the "government" wants to

And the "government" wants to run my healthcare........ Mhmmmm

soapy_725 11/08/12 - 10:50 am
Of course the SC "mistake" has created

another whole level of SC bureaucracy. Ain't gov'ment great. Of the people, for the people, by the people and done to the people.

And this from a governorness who was the family CPA. A ray of hope in a state mired in the 19th century.

Little Lamb
Little Lamb 11/08/12 - 11:19 am
Good Point, MyVoice.

I was thinking, the hackers stole tax information, and the most valuable item they got was hundreds of thousands of social security numbers matched up with names. That's serious.

But instead of just giving the taxpayers one year of free credit monitoring services, why not eliminate the source of the concern, i.e., just have the Social Security Administration void out those SS numbers and assign new numbers to the people?

OpenCurtain 11/08/12 - 12:15 pm
Now we know the reason.

Like many IT Security Problems it was the lowest common denominator. The Biological Interface called a USER.

Sarcasm Button On
Yep I can clearly see how a failed former political adversary lawyer could come to the conclusion it was the Governors and the Whole SC Revenue Systems fault.

Sarcasm Button OFF

No the problem is/was one soon to be former Authorized User.

While I agree the Government needs to stay out of many parts of our lives. They have operated a computerized Tax System since the 1950's --- 60 YEARS with this 1 documented mistake.

So why is everybody jumping on a SUE SC bandwagon?
That money just does not grown on trees. it comes out of your pockets. Has any one considered 1/3 to 2/3 would go to a lawyer not any Taxpayers.

So is 1 year of credit protection enough?


Try more like 3 years. That is usually how long these problems take to work themselves, out before the cyber-thief is busted for the crime or another.

What I would rather see SC do is setup a Protection Fund MINUS any lawyers fees or Lawyer administration charges. Use the fund to address related ID thief problems as needed. It would save the State Taxpayer LOTS of money and offer real protection to the very few that will likely see problems.

Regarding the suggestion - Issue new SSA#'s.
Give this some thought of how many records would have to be updated in a persons life. Every Official, medical, Ins, employment, school, and college record covering birth to the current point.

Then there is the good chance that you will end up a missed record somewhere or the SSA# of a convict?

Back to Top
Search Augusta jobs