Massive privacy breach at US state tax agency

Powered by SC Magazine
 

Governor wants hacker brutalised.

A massive privacy breach in the US state of South Carolina earlier this month saw the personal data of roughly 3.6 million people — including 387,000 credit and debit card numbers — captured by an overseas hacker.

Of the credit card numbers, 16,000 were unencrypted. The rest were encrypted according to Payment Card Industry Data Security Standard (PCI DSS).

The breach at the South Carolina Department of Revenue was discovered on October 10 but a week later, investigators discovered two earlier attempts in September and October.

Security company Mandiant has been engaged to help tighten up processes, the state tax department said.

It has also set up a site to monitor attempts at identity theft after the attack.

South Carolina has a population of approximately 4.7 million, meaning the breach exposed personal information of over three-quarters of the state's residents.

The information included US social security numbers which, when matched to names and addresses, can be used for identity theft.

The Republican governor of South Carolina, Nikki Haley, announced the breach at a media conference and promised to aggressively pursue the miscreant responsible, according to TV station WLTX.

"I want that man just brutalised," Haley said. "I want him slammed against the wall."

Haley did not reveal any further information as to the hacker, but said she knew which overseas country he was in.

This isn't the first time South Carolingian computer systems have been breached and personal data captured, WLTX reported.

In April this year, 230,000 Medicaid patient records were sent via email by an employee of the federal health programme.

As late as August, 34,000 records of students, faculty and researchers were exposed by overseas hackers.

After the April hack, governor Haley had threatened to fire supervisors reponsible should another breach take place at state agencies.

Despite the recent hacks, South Carolina officials thought the state's computer systems, including the ones at the Department of Revenue, were safe.

Copyright © iTnews.com.au . All rights reserved.


Massive privacy breach at US state tax agency
 
 
 
Top Stories
CIO exits as Coles steps up offshoring
Updated: Engages Accenture in Manila; staff to learn of their fate today.
 
Matching databases to Linux distros
Reviewed: OS-repository DBMSs, MariaDB vs MySQL.
 
Coalition's NBN cost-benefit study finds in favour of MTM
FTTP costs too much, would take too long.
 
 
Sign up to receive iTnews email bulletins
   FOLLOW US...
Latest Comments
Polls
Which is the most prevalent cyber attack method your organisation faces?




   |   View results
Phishing and social engineering
  71%
 
Advanced persistent threats
  3%
 
Unpatched or unsupported software vulnerabilities
  11%
 
Denial of service attacks
  6%
 
Insider threats
  10%
TOTAL VOTES: 797

Vote