South Carolina tax breach also affects 657k businesses

Share this article:

As the probe deepens into the massive hack of the South Carolina Department of Revenue, forensic investigators have concluded that as many as 657,000 businesses may also have been impacted.

The new revelations only exacerbate an already troubling breach, which involved the theft of 3.6 million Social Security numbers and 387,000 credit and debit card numbers from state residents, officials announced last Friday.

Gov. Nikki Haley said during a Wednesday press conference said that beginning Friday, businesses that have filed a tax return since 1998 will be offered free credit monitoring from Dun & Bradstreet.

Haley declined to delve into specifics about how the breach occurred, though according to reports, the intruders were based overseas and used approved credentials to access the agency's systems in August and September.

"I don't think we're allowed to talk about that at all," Haley said, responding to a reporter's question of how the attackers were able to reach the critical data if the systems housing it were supposedly disconnected from the internet.

She later said that not every attack is preventable.

"If somebody wants to get in, they're getting in," she said.

Revenue Department director James Etter said the agency was considering shortening how long it holds on to records, from 15 years to 10 years, but said this is difficult because of things like pending criminal cases.

Share this article:

Sign up to our newsletters

More in News

Michaels class-action suit tossed after plaintiffs can't show damage

A judge ruled that plaintiffs couldn't show monetary damage in suit filed after a breach exposed data on 2.6 million of the retailer's customers.

New backdoor 'Baccamun' spreads through ActiveX exploit

Symantec researchers revealed that the backdoor is dropped after attackers exploit a Windows ActiveX vulnerability.

Outdated browsers put U.K. users at risk of malware

A blog post on Check and Secure website said 70 percent of U.K. users haven't fully updated their internet browsers