South Carolina taxpayer server hacked, 3.6 million Social Security numbers compromised
October 26th, 2012
07:56 PM ET

South Carolina taxpayer server hacked, 3.6 million Social Security numbers compromised

The Social Security numbers of millions of South Carolinians, as well as credit and debit card information for hundreds of thousands, have been hacked in what the state's governor described Friday as an international cyberattack.

"This is not a good day for South Carolina," Gov. Nikki Haley told reporters.

The governor explained that a "server that warehouses all our taxpayer information was breached and taxpayer information was stolen."

The state's Department of Revenue explained in a press release that it first learned of a possible breach on October 10, after which the state contracted information security firm Mandiant to conduct an investigation.

The "hole" in the system was closed October 20. Over the next several days, state authorities determined that more than 3.6 million Social Security numbers may have been affected. So, too, were 387,000 credit card numbers - though only 16,000 of those were unencrypted.

On Friday, state officials laid out efforts to determine what happened and protect the personal information of taxpayers. While noting that not everyone had their information breached, Haley urged everyone who filed a tax return in South Carolina from 1998 through now to take advantage of credit protection services being offered by the state.

"While we now have it protected, we want to make sure that everybody understands that our state will respond with a big, large-scale plan that is somewhat unprecedented to take care of this problem," the governor said.

soundoff (340 Responses)
  1. JackD

    Cyber Crime is, and has been, on an exponential increase for the last several years. I fault our SC State IT and Revenue officials for their lack of safeguards, almost "criminal" lack of encryption, and very poor timely response, notification, and allocation of resources to help taxpayers investigate their status.

    October 27, 2012 at 12:26 am | Report abuse |
    • David Cartledge

      Very well said! I live in South Carolina too and I am LIVID over this issue! We need to recall our Governor and hold our state responsible for their SEVERE mistakes! BTW, have you tried the toll free number to get assistance? It is ALWAYS busy!!! SHAME ON YOU SOUTH CAROLINA!! My personal information is in the hands of an international hacker and I am so very angry! And for all of these people bringing politics into this, JUST STOP! The citizens of NO state in the USA deserve this! I am an Obama mine should not have been stolen but a Republican's should have been stolen! HYPOCRITES!! NONE of us deserved this and I blame our leadership in SC!!!!!

      October 27, 2012 at 12:38 am | Report abuse |
    • Scott

      You are right on all fronts. I do not know, but I can guess from the situation that this person probably tried to hack a several state DOR sites. As you pointed out, our State did not do the due diligence to ensure that the information was kept secret. It is a travesty, the response being we will provide you Lifelock for the next year...where do you think that money is coming from. Pretty good chance out of the public coffer of taxpayer dollars. So basically, we will once again pay for the lack of vision of politicians. Another conjecture would be...maybe instead of hiring some guy who is the nephew of someone in the SC Congress who graduated with a C average in IT from USC to run you system, you actually outsource to someone who knows what is going on. I see they actually outsourced to a capable organization to close the gap. If you were in charge of millions of people data would you not outsource a company on a regular basis to see if they could penetrate your "vault" of information.

      October 27, 2012 at 2:18 am | Report abuse |
    • Scott

      Sorry for the grammatical errors, but the statement still holds.

      October 27, 2012 at 2:25 am | Report abuse |
    • Jereth

      ...I just find it odd how the governor started hawking credit protection services through the state...anyone else find that odd? O_O...I can hear the sheep now..."TAKE MY MONEY!!!"

      October 27, 2012 at 2:29 am | Report abuse |
    • Anth

      How convenient, to access computers that have very sensitive data, that actually never was accessible by online . hmm wonder what's really going on or what legislation about to be proposed .. and serious, how does very sensitive data become accessible online .. think about it

      October 27, 2012 at 3:14 am | Report abuse |
  2. Roger Cotton

    Somebody overseas somewhere is gonna have a heck of a Christmas or Ramadan this year. I started only using cash, and check to see if my social security number is being used every month.

    October 27, 2012 at 12:49 am | Report abuse |
    • David

      SS number is very scary in the wrong hands, even if you check it on a regular basis there are no safeguards until something happens, and even then there is really nothing you can do about it. I am like you, I pay either with cash or money orders, or a paid debit card. I use to use my bank debit card, but one day I got burned badly, so I don't use it anymore. But unfortunately, you just can't cancel your SS number, or easily change it like a password.

      October 27, 2012 at 3:17 am | Report abuse |
  3. Mary


    October 27, 2012 at 12:51 am | Report abuse |
  4. coderjones

    politicians have been warned for decades – to me their lack of vision is directly responsible

    October 27, 2012 at 1:03 am | Report abuse |
  5. Bushney

    And people think that Voter IDs will be the cure all, why can't we have elections all online, and the cloud is safe.

    October 27, 2012 at 1:21 am | Report abuse |
  6. No2Atheism

    Oh those darn Mexicans are draining our economy....OH WAIT A MINUTE!!

    October 27, 2012 at 1:23 am | Report abuse |
  7. Nunya

    What do you expect? It's South Carolina. They can't be bothered with little things like making sure their tax database is secure, they have to hold white power rallies disguised as Tea Party gatherings.

    October 27, 2012 at 1:43 am | Report abuse |
  8. someGuy

    the government isn't good at quick reaction or adaptation on any level and since the internet and related technology grows and changes at such a rapid rate this is going to continue to be a growing problem until serious measures are taken to prevent it. Especially in a case like this who would've guessed that a bunch of old white guys could adapt to current trends in internet hacking techniques?

    The only thing I can really think that would prevent this type of action is hiring an army of hackers to attempt to hack our own systems, and then develop protection from their own techniques. This army of hackers likely already exists but is currently working on national security rather than a situation like this which is more like..... o wait this IS a matter of national security.

    Unfortunately when it comes to protecting it's citizens from internet shenanigans the government is much more likely to respond to calls from the multimedia industry to protect their intellectual property from piracy. Because it is bad for the economy when large portions of it's citizens have their profits compromised due to said internet shenanigans....o wait again that is exactly what just happened.

    Sorry SC...I hope you guys get on closing your bank accounts quick, as for your socials, keep an eye on that. Check your credit reports often for new accounts opening up, it sucks to have to pay for it over and over but it's better than the possible alternative. Also as a general, unrelated internet rule for everyone make sure not to use the same password for lots of different sites, if it's an important account make sure it is a unique password, in addition don't be the guy in spaceballs and have it be 12345.


    October 27, 2012 at 1:43 am | Report abuse |
  9. Mtop1

    Was this a legitimate hack? Because if it was, computers have a way of shutting down and protecting themselves.

    October 27, 2012 at 2:04 am | Report abuse |
    • Derrick

      this killed me. hahaha

      October 27, 2012 at 2:26 am | Report abuse |
    • hydrogendioxide

      May be the computers were hacked because that is something that God intended to happen.

      October 27, 2012 at 4:20 am | Report abuse |
  10. Zippy Pinhead

    America, the punching bag of the world

    October 27, 2012 at 2:05 am | Report abuse |
  11. WOW

    the estimated 2011 census is 4.6 mill.....thats 75% of the population.

    October 27, 2012 at 2:31 am | Report abuse |
  12. WOW

    And on top of that it is reported to us at 8 at night on friday so we have the weekend to let them play or for us to do anything? I am utterly disapoint. This is fail at the highest order.

    October 27, 2012 at 2:42 am | Report abuse |
  13. tom in San Diego


    October 27, 2012 at 3:53 am | Report abuse |
  14. lol

    we wouldnt even have a social security number if not for the criminal federal reserve act enacted in 1913 basically were a slave with a number an indentured servant to banks regardless of whether you vote Red or Blue

    October 27, 2012 at 3:54 am | Report abuse |
    • Keith

      America may still be the "Home of the Brave" but it has been a long time since we lived in the "Land of the Free"

      October 27, 2012 at 12:40 pm | Report abuse |
  15. BIG BOB

    Why does the headline say "Social Security Administration"? It was a South Carolina server for the state's revenue department, not the "Social Security Administration".

    October 27, 2012 at 4:15 am | Report abuse |
1 2 3 4 5 6 7 8 9 10 11 12 13