South Carolina's well-known data breach, which exposed sensitive details including Social Security numbers for more than 3.6 million people, seems to have highlighted the problem that many state governments may have when it comes to information security.
In the immediate wake of the attack, a number of states have begun to look into their policies for protecting consumer data, particularly where tax information is concerned, according to a report from the New York Times. But South Carolina is only part of the problem. Since 2005, 11 state tax agencies across the country have been hit by data breaches, though not all were attacks.
Experts believe that the criminals responsible for the hack were fully aware of the state agency's vulnerability to such an attack, the report said. None of the tax breaches in the last seven years have been anywhere near this scale, though others related to different categories have come close.
"Obviously these hackers picked South Carolina because it was vulnerable," former South Carolina state senator John Hawkins, who recently filed a lawsuit against its Department of Revenue, told the newspaper. "I equate it to a burglar going into a neighborhood. He's going to break into the house with no alarms and the door open."
Officials in the state say that it had the most up to date security measures available, but evidence stands to the contrary, the report said. Now, Governor Nikki Haley says her office is encrypting all the tax files it has so that if any are stolen, it would be harder to crack them. However, that process could take as long as 90 days.
The state is also offering potential victims of the hacking attack free credit monitoring and identity theft protection, but so far, relatively few have taken advantage, the report said. In all, just 653,000 people have called the state's emergency data breach hotline, and only 521,000 of them have also signed up for the protection services.
Ondrej Krehel, the chief information security officer for IDentity Theft 911, has a blog about how hackers can target and infiltrate systems with a wealth of consumer data, and the kind of harm these attacks can do.
In the immediate wake of the attack, a number of states have begun to look into their policies for protecting consumer data, particularly where tax information is concerned, according to a report from the New York Times. But South Carolina is only part of the problem. Since 2005, 11 state tax agencies across the country have been hit by data breaches, though not all were attacks.
Experts believe that the criminals responsible for the hack were fully aware of the state agency's vulnerability to such an attack, the report said. None of the tax breaches in the last seven years have been anywhere near this scale, though others related to different categories have come close.
"Obviously these hackers picked South Carolina because it was vulnerable," former South Carolina state senator John Hawkins, who recently filed a lawsuit against its Department of Revenue, told the newspaper. "I equate it to a burglar going into a neighborhood. He's going to break into the house with no alarms and the door open."
Officials in the state say that it had the most up to date security measures available, but evidence stands to the contrary, the report said. Now, Governor Nikki Haley says her office is encrypting all the tax files it has so that if any are stolen, it would be harder to crack them. However, that process could take as long as 90 days.
The state is also offering potential victims of the hacking attack free credit monitoring and identity theft protection, but so far, relatively few have taken advantage, the report said. In all, just 653,000 people have called the state's emergency data breach hotline, and only 521,000 of them have also signed up for the protection services.
Ondrej Krehel, the chief information security officer for IDentity Theft 911, has a blog about how hackers can target and infiltrate systems with a wealth of consumer data, and the kind of harm these attacks can do.