A server holding taxpayer and credit card information of residents of
the US state of South Carolina has been breached, resulting in the
exposure of 3.6 million social security numbers and 387,000 credit
cards.
In a press conference late last Friday in the US, representatives from
the state Department of Revenue confirmed the breach and the fact
that, of the credit cards, 16,000 were stored without encryption.
State Law Enforcement Division Chief Mark Keel told reporters that the
investigation so far had revealed that the intrusion had occurred as
early as August 27 this year, and had confirmed that the IP address
through which the attack originated was foreign in nature.
US Secret Service Agent Michael Williams said that its agency received
information regarding a possible incident on October 10, and it was at
this point that other law enforcement agencies and the governor were
informed of the breach.
As part of its response, independent information security company
Mandiant was engaged to provide advice on how to proceed. Mandiant
Director Marshall Heilman said that its first steps were to remove the
attacker's known access, deter the attack with additional security
measures, and enhance the systems' logging to enable law enforcement
to detect if the attacker returned.
"These types of breaches are not uncommon — they actually happen every
day. Most of them do not make the news, unless they are very large,"
Heilman said.
South Carolina Governor Nikki Haley has already appointed Inspector
General Patrick Maley to further look at the state's information
security measures. Maley said that its first plan of order is to
establish a full time task force to examine each of the state's
systems and "triage" them.
But Haley is not just taking a defensive approach to the breach,
stating that she wants the person held accountable for their actions,
and "slammed against the wall."
"South Carolina has come under attack, but South Carolina is going to
fight back in every way possible," she said.
"It's no longer about just inside hackers, it's about international hackers."
"Our state will respond with a big, large-scale plan that is somewhat
unprecedented, to take care of this problem."
However, with the investigation still ongoing, Keel has stated that
"no further information regarding specifics of the investigation will
be released at this time," as the disclosure of more information could
hinder efforts to bring the hacker to justice.
Haley asked South Carolina residents for patience, stating that "when
any law enforcement division tells you, 'this will hurt our situation
for this to get out', we need to be conscious of the fact that we need
to let them to their job."
"What were my instructions to [law enforcement]? Slam him to the wall.
The only way I can make sure that can happens is that I give them the
ability to do their job without any confusion, and be able to get this
person. That's what I want. I want to be able to get this person and
make sure he can never do this to any body or any state."