Hackers Swipe Most Taxpayer PII in South Carolina
A hacker took advantage of a weakness in the South Carolina Department of Revenue’s website to steal 3.6 million social security numbers and 387,000 credit and debit cards. I think SC might be hiring new cyber squaddies right about now.
From WBTW here:
The S.C. Department of Revenue today announced that approximately 3.6 million Social Security numbers and 387,000 credit and debit card numbers have been exposed in a cyber attack. Of the credit cards, the vast majority are protected by strong encryption deemed sufficient under the demanding credit card industry standards to protect the data and cardholders. Approximately 16,000 are unencrypted.
Upon the recommendation of law enforcement officials, DOR contracted Mandiant, one of the world’s top information security companies, to assist in the investigation, help secure the system, install new equipment and software and institute tighter controls on access.
Heh, Mandiant won’t be able to have that much visibility into the traffic in question. They’ll advise on policies and install what amounts to advanced AV agents on affected systems. Agents, which, by the way, tend to cause chronic Dr. Watson errors.