SC

SC Hacked: The Mystery Expands

WILL TAXPAYERS EVER GET ANSWERS? The successful hacking of the S.C. Department of Revenue (SCDOR) is the biggest disaster of Gov. Nikki Haley’s administration – but it is also the biggest mystery. More than a month after the fact, no one knows what really happened … except that 3.8 million Social…

WILL TAXPAYERS EVER GET ANSWERS?

The successful hacking of the S.C. Department of Revenue (SCDOR) is the biggest disaster of Gov. Nikki Haley’s administration – but it is also the biggest mystery.

More than a month after the fact, no one knows what really happened … except that 3.8 million Social Security numbers, 3.3 million bank account numbers, tax info for more than 650,000 businesses and nearly 400,000 credit and debit card numbers were stolen (information which is now being sold on the black market).

According to Haley’s administration, thieves were able to access the system using information obtained from an unsuspecting employee  – who apparently clicked on the wrong email.  But as has been meticulously documented throughout this process taxpayers can’t trust anything that Haley says – because almost everything she has told the public about the unprecedented state-level breach has been false.

Haley initially claimed that “there wasn’t anything where anyone in state government could have done anything” to stop the breach – and that the Palmetto State used “industry standard” data security methods.  Both of those claims turned out to be completely false – as a simple $25,000 expense could have prevented the breach (which will wind up costing taxpayers hundreds of millions of dollars).

But who perpetrated the heist?  Initially, Haley’s administration told legislative leaders that the hack was the work of an Eastern European criminal organization.

But is that accurate?

Sources within the S.C. Department of Revenue are telling FITS that the real culprit may have been much closer to home.

“The problem emanated from a contract worker whose firm was hired to assist DOR in computer programming and who saw an opportunity to make some big money,” a source tells FITS.

Not only that, according to our source “SLED was onto (the suspect) long before” the hack was publicly disclosed.

“They were investigating the internal suspect,” our source says, referring to the S.C. State Law Enforcement Division (SLED).

The sources declined to speculate on whether the “internal suspect” was Mike Garon, the former Revenue Department official whose firing was reportedly exclusively by FITS less than 24 hours prior to Haley informing the public about the breach.  SCDOR officials have repeatedly denied that Garon’s firing had anything to do with the scandal – however he did oversee the agency’s cybersecurity during the breach.

On that count, our sources say that SCDOR staffers “warned Garon over a year ago that they had a vulnerability in the system and that it needed to be addressed.”

Unfortunately Garon is said to have “ignored (the) advice.”

What’s clear at this point is that the security breach at SCDOR was completely preventable – and that our state’s leaders have yet to shoot us straight regarding precisely what happened.

***

Related posts

SC

South Carolina Mayor Dead Following Car Crash

Will Folks
SC

Palmetto Past & Present: How Columbia Became the Confederacy’s Currency Capital

Mark Powell
SC

Catherine Templeton: Stopping The Weaponization Of South Carolina’s Judicial System

FITSForum

13 comments

jimlewis,owb December 4, 2012 at 9:42 am

2012-Haley-One&Done
2014-Davis-The One

Reply
BigT December 4, 2012 at 9:47 am

Libertarians poll in the single digits…Davis’ endorsement of Ron Paul was a Death Knell for any statewide office…They’ll just tie Davis to some of Paul’s lunitic ideology…

Haley may be a one-termer…but we all know who it is breathing down her neck..and it D$%m sure ain’t Davis…

Reply
Upstater December 4, 2012 at 10:23 am

I thought that at first, too, Big T — that Davis had lost his mind by sticking his neck out to endorse Paul. But I now think he was way ahead of all the usual pundits, and saw before most the direction the GOP was moving (toward adopting more libertarian principles). Look at what Jim DeMint now says and the rise of Rand Paul. In the end Davis is going to look like a genius and status quo hacks like you, Big T, are going to be on the outside looking in, or whiling you days away by posting semi-literate rants on blog sites. In other words, where you’ve always been.

Reply
carrie December 4, 2012 at 10:46 am

UP, although Sanford never endorsed any of the candidates, we knew he was interested in Ron Paul (per Jenny’s comment to the CNN news). My question, do you think Tom Davies is still influenced by Sanford and is following his advises?

Reply
BigT December 4, 2012 at 9:44 am

I’m protected now…and the government is using MY tax money on ME…

So STFU…only the idiot democrats and Haley-haters are still riding this Dead pony…

IF (Big IF) there is legitimate ID theft perpetuated because of this…THEN there will be H#!! to pay…

But right now she could use this to kick your @$$..like she has done oer and over, since you began you crusade…

Reply
Smirks December 4, 2012 at 11:44 am

I’m protected now…and the government is using MY tax money on ME…

Big(o)T appreciates Haley’s use of condoms and lube in fucking him and the rest of SC. Don’t you?

IF (Big IF) there is legitimate ID theft perpetuated because of this…THEN there will be H#!! to pay…

“If I still get VD, though, THEN I’ll be mad!”

Reply
shifty henry December 4, 2012 at 10:00 am

….. said it before and saying it now — inside assistance was needed to accomplish this theft

….. no matter what Nikki says she cannot be trusted to be truthful

Reply
shifty henry December 4, 2012 at 10:04 am

… very cool photo, interesting

Reply
insider December 4, 2012 at 10:28 am

Wonder how much she’s getting from Experians? Kickback? Equifax could have done it for less than half. Wonder if she is behind the hack? Makes sense. BTW, is that the same Mike Garon who owns SC-GMIS? Isn’t GMIS an info-systems company?

Reply
Phonebooth Bob December 4, 2012 at 10:28 am

In fairness, it can be stated that these situations tend to be fluid while discovery is going on. it is best to just state that there was a breach, then do complete forensics to determine causes.

Given the thirst of the public for information, the desire of the Haley administration to reply, and the outright irresponsibility of the press to give any information, true or not, just to get web hits, its no wonder the story has changed every day.

Reply
shifty henry December 4, 2012 at 10:38 am

A lot of truth there, but we still like the juicy, hard-hitting news that shows the stupidity of some of the muckety-mucks!

Reply
Robert Chance December 4, 2012 at 10:35 am

And now we delve into the realm of sci-fi.

Read the public report – from a company far too large to risk it’s name being put on something bogus. Better yet, find your nearest (REAL) security expert – not some I.T. geek that thinks he/she knows something about security, but someone that does it for a living. The public report spells out about a dozen mistakes at DOR that could have easily been prevented.

Now, who did it?…when did people know?…who ultimately is responsible for the joke of a design the public report shows? Those are all valid questions we do not have the answer to, but SCDOR obviously does (all very easy to answer with logs). None of this information will come out until after the legal cases are completed, so don’t expect them anytime soon.

That said, let’s not get out the tin foil hats just yet guys…

Reply
Old Bike Dude December 4, 2012 at 10:37 am

Yeah it’s all funny until Al Qaeda terrorist start using Billy Bob Pinkcney’s phony passport. Who is Lil Nim gonna blame then? Maybe it’s time for a little Rhandwawi family scrutiny.

Reply

Leave a Comment