COLUMBIA — Gov. Nikki Haley has repeatedly said nothing could have been done to prevent a hacker from stealing Social Security numbers and credit card information from the S.C. Department of Revenue database.

But for the systems that a hacker breached, the Revenue Department had not been using a layer of cyber security offered by the state, according to information provided Thursday to The Post and Courier by the S.C. Budget and Control Board.

Democratic state Sen. Vincent Sheheen of Camden said having the state monitoring system in place on the breached systems might not have prevented the attack, but the additional protection could have helped.

“The answer is that there’s no 100 percent guarantee, but the purpose of the (monitoring) system is to detect breaches, and they have been very successful in detecting breaches in other agencies,” he said.

Sheheen, who lost to Haley in 2010, said the fact that the Revenue Department began using the monitoring after the breach and the fact that many agencies use the monitoring shows its relevance. He said the department should have disclosed after announcing the breach that the state monitoring was not in place.

“It means I think we have to call into question what the Department of Revenue isn’t telling us,” he said. “I think we really have to look for some objective investigation into what actually occurred.”

Haley spokesman Rob Godfrey said in response that: “Politics is politics and we’re certainly not interested in it right now.”

Many state agencies, school districts and local governments use the free network monitoring services from the Division of State Information Technology.

The breach that has compromised 3.6 million Social Security numbers and information for as many as 657,000 companies began Aug. 27.

The attack wasn’t discovered by the state until Oct. 10, according to state officials.

The hacker entered the Revenue Department system twice before extracting the sensitive data, officials have said.

Read more later at and in tomorrow’s newspaper.