South Carolina tax breach also affects 657k businesses

Share this article:

As the probe deepens into the massive hack of the South Carolina Department of Revenue, forensic investigators have concluded that as many as 657,000 businesses may also have been impacted.

The new revelations only exacerbate an already troubling breach, which involved the theft of 3.6 million Social Security numbers and 387,000 credit and debit card numbers from state residents, officials announced last Friday.

Gov. Nikki Haley said during a Wednesday press conference said that beginning Friday, businesses that have filed a tax return since 1998 will be offered free credit monitoring from Dun & Bradstreet.

Haley declined to delve into specifics about how the breach occurred, though according to reports, the intruders were based overseas and used approved credentials to access the agency's systems in August and September.

"I don't think we're allowed to talk about that at all," Haley said, responding to a reporter's question of how the attackers were able to reach the critical data if the systems housing it were supposedly disconnected from the internet.

She later said that not every attack is preventable.

"If somebody wants to get in, they're getting in," she said.

Revenue Department director James Etter said the agency was considering shortening how long it holds on to records, from 15 years to 10 years, but said this is difficult because of things like pending criminal cases.

Share this article:
You must be a registered member of SC Magazine to post a comment.

Sign up to our newsletters

More in News

Reported breaches involving zero-day bug at JPMorgan Chase, other banks

Reported breaches involving zero-day bug at JPMorgan Chase, ...

Hackers exploited a zero-day vulnerability and gained access to sensitive information from JPMorgan Chase and at least four other financial institutions, reports indicate.

Data on 97K Bugzilla users posted online for about three months

During a migration of the testing server for test builds of Bugzilla software, data on about 97,000 Bugzilla users was inadvertently posted publicly online.

Chinese national had access to data on 5M Arizona drivers, possible breach ...

Although Lizhong Fan left the U.S. in 2007, the agencies responsible for giving him access to Americans' personal information have yet to disclose the details of the case to the public.