FRESH INFORMATION, INTRIGUE RELATED TO PALMETTO STATE’S MASSIVE SECURITY BREACH
One day before S.C. Gov. Nikki Haley belatedly informed the people of South Carolina about the biggest security breach in state history, FITS reported on the termination of a high level staffer at the S.C. Department of Revenue (SCDOR) – the agency that coughed up 3.6 million Social Security numbers, nearly 400,000 credit and debit card numbers and untold other information to hackers allegedly associated with a sophisticated Eastern European crime ring.
But is the forced resignation of SCDOR chief information officer Mike Garon – first reported in one of our “wire” posts – somehow connected to this unprecedented breach?
More to the point … is Garon the “inside man?” Meaning were his credentials used by the hackers as part of their plot to gain access to this information?
SCDOR officials are denying any like between Garon and the breach, according to WLTX TV 19 (Columbia, S.C. – CBS). Also information from our sources suggests that Garon – who made more than $108,000 a year (not counting benefits) – was fired as a result of his connection to an unrelated scandal.
According to our tipster, Garon was “escorted out of his job and the building at the (S.C.) Department of Revenue” on September 26 – about two weeks before the breach was detected the agency.
Why was he sacked? In a follow-up email, our source alleges that Garon was part of a corrupt ring of bureaucrats that was profiting from the awarding of information technology contracts to specific vendors. This scam – which dates back several years – was first unearthed about eighteen months ago, at which point an internal SCDOR investigation into Garon’s activities was launched.
“In the most corrupt agencies, these guys just bought the business, but in no agency was it worse than (SCDOR),” our source says.
We’re not ruling out a possible connection between Garon and the massive breach – and it’s obviously impossible to trust anything the Haley administration says – but at this point there’s nothing to suggest that the disgraced bureaucrat was connected to the hacking operation.
We’re continuing to dig on Garon, though, and will be sure to let our readers know what we’re able to uncover.
In the meantime, it’s starting to look like this could just be the beginning of SCDOR’s internal problems …
(And no, we’re not just referring to the fact that two SCDOR employees have been fired in recent weeks for masturbating in public).
Another SCDOR staffer feeling the heat is deputy director Harry Cooper – who has been accused by agency employees of skimping on security measures.
“(Cooper) gave the approval to reduce costs by reducing the level of cyber security at the SCDOR,” one agency source tells FITS. “Sure, he relied on the recommendation of his chief IT people, but it was his final decision.”
Wait a minute … SCDOR received $67.5 million in the current state budget, which is $4.5 million more than it received a year ago.
Why, then, would it need to “reduce costs” – particularly costs related to cyber security? Or is the protection of information that South Carolina residents are required to submit to the state not a core function of government?
Sheesh …
S.C. Gov. Nikki Haley – whose administration is responsible for SCDOR – has claimed that nothing could have been done to stop the breach. However in the same breath she admitted that there were “holes” in the system that have since been filled.
Take a listen …
(Click to play)
So which is it, governor?
In addition to this inconsistency, Haley’s claims that South Carolina followed “industry standards” for protecting citizens’ sensitive information have also been debunked.
***
21 comments
Why didn’t her parents get help when she was young? They had to know something was terribly wrong.
You are absolutely correct. Did you notice how she’s smiling with her horseteeth while talking about this grave breach of OUR information?. It makes me angry. I would like to cuss her out for being stupid. But I realize this would be like talking to a drunk….doesn’t do any good whatsoever!
Hey FITTS…..look at the companies who provide software services to the State. That is the most likely source of info used to crack into the system. Remember also that Russia and its allied countries may have agents working for these companies…….Guys like Garon and Cooper are little more than local yokels and probably are not involved unless of course they were paid off by Russian agents.
Bullshit, FITs didn’t “report” on this- you fairly well ignored the information and the inside guy that gave it to you.
Nikki Haley is an idiot. Either one of two things – she doesn’t have a clue what she is talking about or she does know what is happening but Haley is trying to spin it in a direction that doesn’t make her look responsible. The hacker was not that sophisticated – Haley is just saying that so they won’t look so dumb.
DOR is under the Budget and Control Board, the five-headed monster run by two legislators, the independently-elected Treasurer and Comptroller General, AND the Governor. Blaming the Governor for this problem lets off the hook 80 percent of the parties with authority, and the party that has 100 percent of the responsibility for our dysfunctional state government: the Legislature.
I’m not keen on the relation between the Budget and Control Board and the Department of Revenue. I thought Haley appointed a director to SCDoR? I thought these positions only have to be approved by the legislature.
Why do people keep spreading this bullshit that DOR is not a cabinet agency? Its director, Etter, was appointed by Queen Nimrata in 2011.
Check it out here :
http://www.sctax.org/DOR+Administration/Director/Director.htm
Wrong. DOR is a cabinet agency answering solely to the governor.
DOR is not under the Budget and Control Board.
DOR is a cabinet agency and has been for a long, long time…
Governor Haley is on top of me. I mean, this.
They announced today that a SCDOR account and PW was used to access the data. Hmmm wonder whose it was???
“the password was my highschool”
I just tried to register for my “free” security protection on the website the state provided and used the SCDOR123 code. I completed and submitted my information only to receive a notice saying I had to call the 1-866-578-5422 to complete the process. I have called 5 times only to listen to a tape recorded message that plays through 2 times and then when I elect to hold they tell me they are busy and I need to call back at a later time and date! Unbelievable. Why do I have to call if I have already entered my information online?
Say, we’re four years in.
When is your tell-all book coming out?
That you could have saved us all four years of this political succubus but couldn’t be bothered because you were writing a book…well, what a shitty thing to do to the people of South Carolina. Shame.
You poor thing. Nikki was elected in 2010 (the years Sic made his claim), took office in 2011…all of this STUFF has happened it less than 2 years, son. It just seems like twice as long.
I wonder about how they keep telling us it was a foreigner who did the hacking just because the IP address was from another country. Obviously, the hacker was pretty dam good.
Isn’t it pretty much standard operating procedure for any sophisticated hacker to hide and or change their real IP address?
It sounds good for Governor Haley to infer it is some sort of Russian mob syndicate, but I seriously doubt the hacker(s)left his or her real IP address lying around for the Feds to trace.
If that information came from higher sources, it may be more likely to be correct. I would expect hackers to use TOR or some other tool to hide their tracks, though.
Smell a big ethnic rat.
With Haley involved we will never know the truth….she’s the SPIN QUEEN and not very good at it either. Damn I wish her term was up NOW!