State lets S.C. Revenue Department borrow $20 million for hacking costs
COLUMBIA — The S.C. Department of Revenue received approval Wednesday to take out a more than $20 million loan to pay costs related to the hacking of millions of taxpayer records.
The loan, up to $20,170,000, was unanimously approved by the state Budget and Control Board and will come from the state’s Insurance Reserve Fund.
The Revenue Department must repay the money by Oct. 31, 2013, and will ask the Legislature to appropriate the funds in the budget for the fiscal year that starts July 1.
Senate Finance Committee Chairman Hugh Leatherman, R-Florence, questioned during the board meeting what would happen if the Legislature doesn’t approve the money.
Gov. Nikki Haley said she can’t foresee such a scenario.
“You can’t put a price on the trust of the people of this state,” she said.
House Ways and Means Committee Chairman Brian White, R-Anderson, said the Legislature is determined to settle the issue.
If needed, Haley said, the Budget and Control Board could approve a plan that would allow the Revenue Department to pay back the loan over two years.
The infusion comes at a good time for the agency, which can take out the money in up to three installments.
The largest expense included in the $20 million is the state’s $12 million contract with Experian for a year of taxpayer credit monitoring and other services.
The first $6 million of that cost is due to Experian on Dec. 15. The other half must be paid by Jan. 31.
Also included in the $20 million is the cost of hiring a public relations firm, outside legal counsel and a cybersecurity firm, along with state spending on encrypting taxpayer Social Security numbers and notifying affected taxpayers.
In addition to the loan, the Budget and Control Board also approved a request for proposals from consulting firms to perform an assessment of the state’s technology needs.
The consultant would then help the state develop another request for proposals, this one for a company that would help the state implement cybersecurity improvements.
The breach at the Revenue Department resulted in the theft of records of 3.8 million individual taxpayers, 1.9 million dependents, 699,900 businesses, 3.3 million bank accounts and 5,000 now-expired credit card numbers.
Reach Stephen Largen at 864-641-8172 and follow him on Twitter @stephenlargen.