Hack Exposes Millions of US Social Security Numbers

South Carolina taxpayers are upset after an estimated 3.6 million of their Social Security numbers were exposed to an international hacker who breached the state's Department of Revenue database.

Approximately 387,000 credit and debit card numbers were also exposed during the attack. Luckily, most of these numbers appear to have been encrypted.

The breach occurred in mid-September 2012. However, South Carolina officials didn't learn of the problem until several weeks later. Officials then initiated an investigation that discovered how the data had been accessed.

South Carolina officials say they were able to diagnose the reason for the breach and to eliminate that security vulnerability by October 20. (Source: arstechnica.com)

Governor Wants Hacker "Slammed to the Wall"

South Carolina Governor Nikki Haley recently held a press conference to publicly address this issue. Haley called the attack "creative," but refused to identify the attacker or the attack's point of origin.

Haley did indicate the hacker's location is now known, but did not disclose his or her identity.

There's no doubt Haley and other South Carolina residents have been enraged by the attack. When speaking to reporters about the issue, Haley said she hopes to see the hacker "slammed to the wall." (Source: pcworld.com)

Haley also suggested a new strategy is needed to prevent these kinds of attacks from succeeding in the future.

"We want to make sure everybody understands that our State will respond with a big, large-scale plan that is somewhat unprecedented to take care of this problem," Haley said.

Luckily, officials say that virtually all of the credit and debit card numbers were protected by encryption. However, an estimated 16,000 were unencrypted and thus were presumably captured by the attacker.

State on the Hook for Credit Monitoring Services

The state government has agreed to provide all of those affected by the attack with a year of free credit monitoring and theft identity protection. It's a plan that could prove expensive for South Carolina taxpayers.

"The cost is also going to be enormous, given that South Carolina may be required to pay for identity theft protection services for anyone who has paid taxes in South Carolina since 1998," noted security expert Stephen Cobb. (Source: pcworld.com)