MASSIVE SECURITY BREACH WAS TOTALLY PREVENTABLE
As hundreds of thousands of South Carolinians receive their “your personal info has been stolen” letters from the S.C. Department of Revenue (SCDOR), state lawmakers continue to investigate the colossal lapse in security that led to the massive breach at Gov. Nikki Haley’s cabinet agency.
And as they do, they continue to uncover what additional evidence which points to one unmistakable conclusion: The largest state-level security breach in history was completely preventable.
Not only that, a former employee told the agency exactly how it could better protect sensitive data – and was ignored. According to the Associated Press, former SCDOR information technology chief Scott Shealy told a legislative panel his former agency was “more concerned with keeping employees from accessing news, sports and social media websites on their work computers than protecting taxpayer data like Social Security numbers.”
Oh, and masturbating … let’s not forget masturbating.
Shealy – who advised SCDOR to encrypt its sensitive data and put safeguards in place for employees who accessed it – left the agency in September 2011.
Beginning in late August, SCDOR coughed up 3.8 million Social Security numbers, 3.3 million bank account numbers, tax info for more than 650,000 businesses and nearly 400,000 credit and debit card numbers to as-yet-unidentified hackers. Haley’s agency never even knew it had been hit – in fact it wasn’t until mid-October that federal law enforcement officials informed the state its system had been compromised.
At that point, Haley waited another sixteen days before going public with the news.
How has she managed the crisis? Not well …
Haley initially claimed that “there wasn’t anything where anyone in state government could have done anything” to stop the breach – and that the Palmetto State used “industry standard” data security methods. Both of those claims turned out to be completely false.
Haley’s administration has received a $20 million bailout to pay for all the costs associated with the breach – including a controversial credit monitoring deal and crisis communications advice from a liberal Capital City public relations firm.
***
14 comments
The zoo is now open – get your tickets at the gate.
The saddest part comes from most of SC will forget this come election day. That two week memory is a sad thing.
People won’t forget. The “YOU GO GURL” and “PALIN HALEY 2016” clods will show up at the primary, and the straight ticket GOP nose-holders will show up at the general election. Half the people that will vote for her have plugged their ears, the other half can’t bring themselves to vote outside their party.
Encryption, two-factor authentication, immediately shutting out compromised systems, alarms when an individual accesses a large amount of data? B-but, industry standards! Nothing could be done! No one’s fault! It’s too complex with all the numbers and stuff! Leave my family out of this!
It’s a great day in SC, for Russian script kiddies.
She must bee cut-oft in da primarie! Maybe Loftis or Davis will run her outta town!
It’s the same “micro-management even though I don’t know nearly as much as the subordinates that I’m bullying” style of “leadership” running rampant at the SCDEW. How, why does Haley tolerate such obvious incompetance? Oh…that’s right,…”Because that’s what I see when I look in the morror!”
You could not have said it better!
She won’t be cut off in the primary. Hell, she may not even be challenged. And she’ll win a second term. That’s SC voters, whether you make them show their picture ID or not.
It’s also the reason the Republican field for Scott’s seat is so large. They all know that if they get in they’re in for as long as they want to be in. Good salary, excellent benefits, and all the ass-kissing you care to entertain.
I sent my resume to them and have not heard one word. With 34 years in IT you would think that you would get back a thanks but no thanks response.
Senior staff has rigged the system to pay themselves & their buddies the big bucks so lots of folks make $80K w/out doing shit. Check the salary database. Meanwhile no $$ is left to hire anybody new. How’s that workin’ for ya, DOR?
….. and why hasn’t Harry Cooper been shown the door? I even heard one of his minions down the hall from him saying the same thing. Appears that Harry was the final word on not paying for encryptment. He probably hopes that everything is laid on Garon even though this idiot reported directly to Cooper!
Cooper is poison and needs to go. Everything should be laid on Garon, but it was Cooper who kept this fool on the payroll when he should have been shown the door years ago.
I predict that Cooper will slide through this like KY Jelly on a rubber glove!
Believe me, Cooper’s hands were all over this. He’s the one who decided where to spend the the excess money earned through the Burnie plan back in ’06-’07. How much was needed to encrypt back then? How much was spent on security? Harry has never accepted responsibility on anything. He’s probably already figuring out if he is going to have to swallow with Blume! Believe me he will if needed!
All TERI employees need to go also. They are a drain on the system. The initial concept was great but in reality you have state employees sitting on their assess doing nothing.