Who Hacked South Carolina’s Revenue Department?
EASTERN EUROPEAN CRIME SYNDICATE SAID TO BE BEHIND PALMETTO STATE DATA HEIST
Members of an Eastern European crime syndicate – one with alleged ties to the Russian government – were responsible for an unprecedented security breach that took place at the S.C. Department of Revenue (SCDOR) in August and September of this year, sources familiar with the investigation tell FITS. In fact law enforcement agencies on two continents are reportedly in the process of trying to “repurchase” the data that was stolen – part of a broader international sting operation targeting this criminal enterprise.
Last week S.C. Gov. Nikki Haley belatedly informed the public that 3.6 million Social Security numbers and nearly 400,000 credit card numbers had been stolen from SCDOR by an anonymous hacker. Individual tax returns may have also been stolen.
In disclosing the breach, Haley said that she wanted the individual responsible “brutalized” and “slammed against the wall.”
While Haley was putting on her show, though, officials in her administration were telling legislative leaders and other state officials that a global effort led by Interpol and the U.S. Department of Justice was “trying to buy the list back.”
“We made the last payment,” one Haley advisor told a top lawmaker less than 24 hours before the governor held her infamous press conference.
The Haley aide told the lawmaker that the blackmail payments were part of a “global law enforcement sting” and that “no South Carolina tax dollars” were being used for the purpose of repurchasing the list. The legislative leader declined to identify the name of the Haley staffer he spoke with – even after being granted anonymity to speak freely.
Sophisticated Russian-based hacking operations have been targeting state and local government systems with increasing frequency in recent months. These stealth attacks generally target weak databases by infecting them with malicious computer code – downloading reams of data which is then sold to the highest bidder.
Hackers are getting better at launching these database-driven attacks, but according to our sources South Carolina should have been much better prepared.
The Palmetto State has received millions of dollars in cyber security grants from the U.S. Department of Homeland Security (USDHS) in recent years. Not only that, the state reportedly paid “a boatload of money” to Carnegie Mellon’s internationally recognized Computer Emergency Response Team (CERT) to train state employees on new cyber security measures.
The governor’s administration – which experienced another major security breach back in April – has been widely criticized for its poor data integrity as well as the length of time it took for officials to become aware of the problem. Haley’s administration has also come under fire for waiting sixteen days to inform the public about the breach – which was reportedly initiated on August 27.
According to our sources, Haley’s administration knew about the true nature of the security breach for “several weeks” prior to disclosing it to the public. In fact the governor’s office appears to have explicitly instructed other state agencies to keep the true nature of the breach under wraps during that time period.
Mark Keel – chief of the S.C. State Law Enforcement Division (SLED) – has stated previously that Haley’s administration wanted to wait until a specific set of “benchmarks” had been reached in the investigation before they went public with the news that a breach had occurred.
Keel – who never disclosed what those “benchmarks” were – did not respond to a request for comment regarding this story.