South Carolina tax breach also affects 657k businesses

Share this article:

As the probe deepens into the massive hack of the South Carolina Department of Revenue, forensic investigators have concluded that as many as 657,000 businesses may also have been impacted.

The new revelations only exacerbate an already troubling breach, which involved the theft of 3.6 million Social Security numbers and 387,000 credit and debit card numbers from state residents, officials announced last Friday.

Gov. Nikki Haley said during a Wednesday press conference said that beginning Friday, businesses that have filed a tax return since 1998 will be offered free credit monitoring from Dun & Bradstreet.

Haley declined to delve into specifics about how the breach occurred, though according to reports, the intruders were based overseas and used approved credentials to access the agency's systems in August and September.

"I don't think we're allowed to talk about that at all," Haley said, responding to a reporter's question of how the attackers were able to reach the critical data if the systems housing it were supposedly disconnected from the internet.

She later said that not every attack is preventable.

"If somebody wants to get in, they're getting in," she said.

Revenue Department director James Etter said the agency was considering shortening how long it holds on to records, from 15 years to 10 years, but said this is difficult because of things like pending criminal cases.

Share this article:

Sign up to our newsletters

More in News

DDoS attacks remain up, stronger in Q2, report says

DDoS attacks remain up, stronger in Q2, report ...

Prolexic's second quarter DDoS report noted the proliferation of shorter attacks that ate up more bandwidth.

Superman soars above fellow superheroes as most toxic search term

A McAfee study found that searches pertaining to Superman exposed users to the most infected websites.

Black Hat talk on Tor weaknesses canceled

Black Hat organizers say legal counsel for the Software Engineering Institute and Carnegie Mellon University nixed the session.