Democratic state legislators held coordinated press conferences Thursday to call for another audit of the S.C. Department of Revenue hack and tax credits for people who want more than the one year of state-sponsored Experian credit-monitoring.
While Sen. Vincent Sheheen, D-Camden, and Rep. James Smith, D-Columbia, criticized Gov. Nikki Haley’s handling of the massive security breach at the Statehouse, Rep. Leon Stavrinakis, D-Charleston, hosted local reporters at the North Charleston City Hall to deliver similar messages.
Stavrinakis called the hack announced a month ago “arguably the most serious failure of South Carolina state government in my lifetime” and the Haley administration’s response “woeful.”
Anxious taxpayers have “received a steady stream of misinformation, constantly changing stories and little to no transparency,” Stavrinakis said. He noted how Haley initially contended no one in state government could have prevented the hack but later accepted the blame.
“This record of ineptitude and lack of candid answers is simply unacceptable,” he said. “The time for waiting for this administration to get it right is over.”
In a statement, Sheheen employed similar rhetoric, calling the breach and the response “the Mother of All Government Dysfunction” and suggesting the state might “reimburse any South Carolina citizen who suffers a theft of his or her assets as a result of the compromised data.”
Haley spokesman Rob Godfrey dismissed Sheheen, who ran against Haley two years ago, and Stavrinakis, who has expressed interest in a gubernatorial run, as political opportunists. He noted the governor spent the morning in Cheraw announcing an automotive supplier’s plant expansion, which will result in a projected 190 jobs.
“Gov. Haley looks forward to working with the General Assembly on ways to further protect and compensate affected taxpayers,” Godfrey wrote in an email. “As for an independent audit, there has already been one, at the governor’s request, but she has no objection to a second one.”
Mandiant, a private security company, has completed its forensic audit of the hack; the state inspector general is leading a review; and there have been hearings in the Legislature.
But Stavrinakis argued a review by the Legislative Audit Council would be more independent and non-partisan. Reps. Smith and Mia Butler Garrick, D-Columbia, as well as Sens. Sheheen and Brad Hutto, D-Orangeburg, joined Stavrinakis in sending letters Wednesday to the LAC, according to Tyler Jones, deputy director of the House Democratic Caucus and a consultant to Stavrinakis, meeting the threshold number of lawmakers for consideration. Five members of the Legislature must request an audit for it to be considered.
Reached Thursday afternoon, LAC Director Perry Simpson said his agency has “a full plate at the moment,” having just agreed to audit the Department of Social Services, the Department of Disabilities and Special Needs and the S.C. Arts Commission. But he said the LAC’s five-member public council will “certainly” consider the requests to audit the Revenue Department.
The tax-credit proposal would authorize a reimbursement “equal to the costs incurred by the taxpayer related to purchasing and maintaining identity fraud and theft-protection services, including, but not limited to credit monitoring and alerts, identity theft insurance, and identity-theft resolution services.”
Stavrinakis said cyber-security experts he’s consulted have recommended between five and 10 years of protection but emphasized the one-page bill is a draft and exactly how the tax credit would work and how much it would cost is still unknown.
Reach Brendan Kearney at 937-5906 and follow him on Twitter at @kearney_ brendan.