Hacker steals 3.6M Social Security numbers from Dept. of Revenue

By on October 29, 2012, 12:30 PM

South Carolina officials recently revealed that a hacker had infiltrated computers at the state’s Department of Revenue offices and got away with a mountain of personal taxpayer data. It is believed that as many as 3.6 million Social Security numbers and around 387,000 credit and debit card numbers were nabbed during the security breach.

During a press conference in the state capital of Columbia, Governor Nikki Haley said it was not a good day for South Carolina. "I want to get this person and make sure he can never do this to anybody or any state again," Haley said. "I want that man just brutalized."

State Law Enforcement spokesperson Thom Berry said the hacker used a foreign IP address to gain access to the computer systems. Most of the credit and debit card numbers were encrypted although about 16,000 were not, he said. Furthermore, none of the social security numbers were encrypted. No public funds were accessed, we’re told.

Investigators found evidence of several attempts to hack into the Department of Revenue systems over the past few months. The first occurred in late August followed by multiple attempts in September. It is believed that data was obtained for the first time during one of the September attacks.

Officials pointed out that the vulnerability in the system was discovered and patched on October 20. The system is thought to be secure now but of course, the damage has already been done. South Carolina residents that have filed a tax return since 1998 are encouraged to check with the state to see if their data was compromised. Affected residents are being offered a year of credit monitoring and identity theft protection free of charge.




User Comments: 9

Got something to say? Post a comment
Staff
Jesse Jesse said:

It would be great if Techspot could start captioning photos in posts so that we know exactly what we are looking at.

1 person liked this | Trillionsin Trillionsin said:

It would be great if Techspot could start captioning photos in posts so that we know exactly what we are looking at.

Here ya go...

During a press conference in the state capital of Columbia, Governor Nikki Haley said it was not a good day for South Carolina. "I want to get this person and make sure he can never do this to anybody or any state again," Haley said. "I want that man just brutalized."

hehehe

Tygerstrike said:

Yep I agree, that hacker needs to be fried lol. Mainly because most of your elderly pay their taxes with their cards. So grams and Gramps needs to warned!!!

lchu12 lchu12 said:

The woman on the left looks sad, the man on the far right looks out of it. The man in the middle looks plain grumpy...

dotVezz said:

Only a year of free credit monitoring and identity theft protection? That doesn't seem like it even scratches the surface of what should be done here...

dawei1993 said:

The woman on the left looks sad, the man on the far right looks out of it. The man in the middle looks plain grumpy...

LOL very precise.

Guest said:

Makes you feel good to know that the government takes good care of your private info. This is just another step toward id chips.

avoidz avoidz said:

Bad hacker. But when are these places going to get serious and start encrypting people's important information? Plus, isolate that information from the outside world.

It would be great if Techspot could start captioning photos in posts so that we know exactly what we are looking at.

With the above in mind, maybe the caption is: "I guess we screwed up!"

Guest said:

I'm from SC and a computer science major close to getting my degree. Just would like to say, wtf is wrong with our states security? I mean if there's anything that should be encrypted it should be social security numbers. Any type of network traffic that is unencrypted should be thought of as public traffic. I mean that's just unforgivable. I hope the IT department is fired for something as irresponsible as this. Honestly, I believe anything government related she have some sort of encryption on it. It just undermines our government when people are so easily able to "hack" into our systems. I say "hack" because these people aren't even really hackers they just logged on and read publicly readable information.

Load all comments...

Add New Comment

TechSpot Members
Login or sign up for free,
it takes about 30 seconds.
You may also...
Get complete access to the TechSpot community. Join thousands of technology enthusiasts that contribute and share knowledge in our forum. Get a private inbox, upload your own photo gallery and more.