South Carolina tax breach also affects 657k businesses

Share this article:

As the probe deepens into the massive hack of the South Carolina Department of Revenue, forensic investigators have concluded that as many as 657,000 businesses may also have been impacted.

The new revelations only exacerbate an already troubling breach, which involved the theft of 3.6 million Social Security numbers and 387,000 credit and debit card numbers from state residents, officials announced last Friday.

Gov. Nikki Haley said during a Wednesday press conference said that beginning Friday, businesses that have filed a tax return since 1998 will be offered free credit monitoring from Dun & Bradstreet.

Haley declined to delve into specifics about how the breach occurred, though according to reports, the intruders were based overseas and used approved credentials to access the agency's systems in August and September.

"I don't think we're allowed to talk about that at all," Haley said, responding to a reporter's question of how the attackers were able to reach the critical data if the systems housing it were supposedly disconnected from the internet.

She later said that not every attack is preventable.

"If somebody wants to get in, they're getting in," she said.

Revenue Department director James Etter said the agency was considering shortening how long it holds on to records, from 15 years to 10 years, but said this is difficult because of things like pending criminal cases.

Share this article:
You must be a registered member of SC Magazine to post a comment.

Sign up to our newsletters

TOP COMMENTS

More in News

Hackers grab email addresses of CurrentC pilot participants

Hackers grab email addresses of CurrentC pilot participants

Although the hack didn't breach the mobile payment app itself, consumer confidence may be shaken.

Operators disable firewall features to increase network performance, survey finds

Operators disable firewall features to increase network performance, ...

McAfee found that 60 percent of 504 surveyed IT professionals prioritize security as the primary driver of network design.

PCI publishes guidance on security awareness programs

PCI publishes guidance on security awareness programs

The guidance, developed by a PCI Special Interest Group, will help merchants educate staff on protecting cardholder data.