Minimize the hacking hazard
The alarming news about the cyber attack on South Carolina tax records only gets worse, with the addition of 657,000 businesses to the list of those whose tax records have been hacked. Previously, state officials had said they weren’t aware that any business information had been compromised.
While the state is responding to the crisis, it’s obviously a work in progress.
Gov. Nikki Haley enlisted her Cabinet members Thursday for their recommendations on increasing public response to the disaster, and Treasurer Curtis Loftis has announced a conference on Nov. 13 to develop additional proposals for cyber security
Meanwhile, a spokesman for the State Law Enforcement Division says those who have evidence of a crime related to the international hacking of credit card data and Social Security numbers should report it to SLED.
A legislative hearing already has been held, and more can be expected to affix the blame and to determine what alterations need to be made to state cyber security systems.
At this point, Gov. Haley has absolved the Department of Revenue of blame.
“This was no issue with someone in the agency,” she said. “This was not a hole that was within DOR. This was a true, sophisticated breach.”
Clearly, any solution will have to include broader encryption of any personal material kept by the state. It stands to reason that a hacker wouldn’t chose a state that already provides that extra layer of security.
Instead, the hacker would target a state like South Carolina, which doesn’t.
As legislators examine the matter, they should review the budgets for information technology to determine if agency cuts played a role in the cyber security failure.
There’s an additional cost to encryption and it also makes documents more difficult to access, which presumably adds to that expense.
Obviously, any pass on tighter cyber security for budgetary reasons was a false economy, and should be dealt with as such.
The taxpayer sign-up for a security program that the state is obtaining from a private company continues apace. More than a half million people have enrolled in the Experian system.
Still, there are another 3 million or so taxpayers out there who haven’t made the call, and eventually the state will have to determine who they are and contact them directly.
This newspaper continues to list resources taxpayers can use to minimize their financial vulnerability to this security debacle. (See page A4 today.)
Apparently the Experian hotline is now open with minimal delay, so there won’t be further need for the governor to blame the media for clogging the lines, as she did on Tuesday. Perhaps that preposterous assertion can be attributed to the strain of recent days and the growing magnitude of the disaster.
Bill Rogers, executive director of the South Carolina Press Association, correctly described the governor’s contention as “an ingenious way to blame the media,” adding, “There are 16 daily newspapers in South Carolina. If that is enough to clog up their phone lines, then they have got problems.”
Previously, the governor blamed the media for causing “somewhat of a panic” among taxpayers, leading to a flood of calls to Experian. This is known as shooting the messenger.
As taxpayers are advised to respond to the crisis, they need to be assured that the state’s chief executive is looking in all the right places to resolve this still-unraveling disaster, which every day brings another troubling chapter.