Skip to content

South Carolina Tax Collector Leaves After Cyberattack Accesses Taxpayer Records

2 min readBy: Joseph Bishop-Henchman

South Carolina Department of Revenue Director Jim Etter will leave office effective December 31, after a cyberattack on his office gained access to taxA tax is a mandatory payment or charge collected by local, state, and national governments from individuals or businesses to cover the costs of general government services, goods, and activities. return information from 3.8 million taxpayers (including Social Security numbers) and bank account information from 3.3 million taxpayers. The attack occurred because a revenue department employee downloaded a malicious e-mail attachment, giving the hacker password information to access the system.

From The State:

The hackers took tax information of people who file electronically, Haley said. People who file paper returns did not have their information taken. Most of the records taken go back to 2002, [Governor] Haley said, but some records date back to 1998.

The state will send letters or emails to taxpayers whose information was stolen, Haley said.

The hackers used a stolen employee password to access state tax records. The thieves got the password when a revenue department employee opened an email with a malicious computer program, said Mandiant, a Washington computer forensics firm hired by the state to investigate the incident.

The Associated Press explains further what went wrong:

Haley said Mandiant showed the revenue department’s system was vulnerable because it did not require dual verification for someone trying to access tax returns and did not encrypt Social Security numbers.[…]

Last week, Haley ordered all of her 16 Cabinet agencies to use computer monitoring by the state information technology division. The revenue department has been criticized for previously turning down its free services. Haley is also transferring personnel to the state IT division, so that an employee can monitor Cabinet agencies’ systems around the clock. All Cabinet agencies must also use a Mandiant service, dubbed “the hand,” designed to shut down a computer if data is being improperly transferred.

Haley also requested that the IRS require encryption of Social Security numbers for electronic tax return processing.

South Carolina residents are being offered state-subsidized credit monitoring, which they can sign up for by calling 1-866-578-5422 or going to www.protectmyid.com/scdor and using the activation code “scdor123.” The call center is open 9:00 AM – 9:00 PM EST on Monday through Friday and 11:00 AM – 8:00 PM EST on Saturday and Sunday.

Share