South Carolina Taxpayers’ Credit-Card Numbers Exposed in Breach 

Oct. 29, 2012

On Friday, the state of South Carolina revealed a cyber attack on the Department of Revenue (DOR) exposed the credit and debit card account numbers of nearly 400,000 state taxpayers. More than 3.6 million Social Security numbers were compromised in the attack. The state said it learned of the breach on October 16, but that the intrusion took place in mid-September. According to Governor Nikki Haley, the attack came from outside the U.S. and was “creative in nature.” Information-security company Mandiant is now working with the state DOR to assist the investigation and beef up security on its systems.

“The number of records breached requires an unprecedented, large-scale response by the Department of Revenue, the State of South Carolina and all our citizens,” said Haley. “We are taking immediate steps to protect the taxpayers of South Carolina, including providing one year of credit monitoring and identity protection to those affected.”

Officials said the opening the hacker took advantage of was closed on Oct. 20. In a press conference, Haley said she has made it clear to her law enforcement chiefs she wants the person responsible “slammed against the wall.” Taxpayers that filed a return in the state as far back as 1998 are eligible for the identity protection service.