Add another few million to the price of incompetence …
South Carolina taxpayers are shelling out $8.5 million (at least) to CSIdentity Corp. to provide one year’s worth of free credit monitoring to victims of last year’s massive data breach at Nikki Haley’s Revenue Department.
#SCHacked – which remains the largest state-level security breach in American history – has yet to be solved. Meanwhile the company hired by Haley (using a secretive, no-bid process) to provide credit monitoring in its aftermath is now the subject of a congressional probe after selling confidential data to Vietnamese scammers.
So … where are the 3.8 million Social Security numbers, 3.3 million bank account numbers, tax info for more than 650,000 businesses and nearly 400,000 credit and debit card numbers lost during #SCHacked?
Your guess is as good as ours …
Anyway Associated Press reporter (and Haley cheerleader) Seanna Adcox neglects to mention the investigation into Experian in her latest report. However at the tail end of her story she does acknowledge that the new company provides better protection to South Carolinians victimized by the hacking.
“(CSIdentity’s) services go beyond Experian’s monitoring of credit reports to catch other ways stolen identities are used,” Adcox reported. “Other databases monitored include payday loans, court records, sex offender registries and online chat rooms where cyber-thieves sell and buy information.”
Really?
Then why didn’t South Carolina hire this company in the first place?
Oh right … Nikki Haley was in charge.
8 comments
Then why didn’t South Carolina hire this company in the first place?
—- because she’s a bubblehead?
I’m keeping an eye out on OpenSecrets to see if she gets any Experian donations.
Edit: Doh! Guess OpenSecrets doesn’t cover state elections, but you can keep an eye out here:
http://votesmart.org/candidate/campaign-finance/47879/nikki-haley#.UmqqgFMwLyg
So this is $8.5 million but Experian’s coverage was $12 million? Gee, maybe this is why we go through a bidding process.
Now, imagine what kind of “deals” Haley is getting us when she goes to Paris, Tokyo, etc.
ALAN WILSON’S BIZARRE MOVE
DOCUMENT SHREDDING PARTY…. OOPS! ..I MEAN TRAINING … WRITE THAT DOWN …TRAINING ….I MEAN IT ….TRAINING … WRITE THAT DOWN …IT’S TRAINING …..UH UH UH ,,,,,,,
EXPERIAN, the sweetheart $12 million contract last fall to provide credit monitoring for a year, sent out another round of come-ons trying to convince South Carolinians to buy its service. The notices were emailed three days before we could start signing up for the monitoring that we already paid for through our state taxes, provided by a cheaper contract that the state negotiated with CSIdentity Corp. A contract Experian had refused even to bid on. At least this month’s sales pitch didn’t imply that the state wasn’t providing credit monitoring, as the one in September had.
Gov. Nikki Haley announced that cyberthieves had lifted the tax returns (think Social Security and bank account numbers) of 6.4 million individuals and businesses from her Revenue Department?
Attorney General Alan Wilson invited law enforcement to a training session on identity-theft investigations, and in the week’s most bizarre move, Superintendent Mick Zais’ Education Department held an Employee Document Shred Day. That’s certainly useful for protecting important paper documents, which lots of us don’t do so well, but I’m not sure what it has to do with cybersecurity. The Revenue Department could have shredded every last piece of paper it possessed, and cyberthieves still would have our data — in a far more dangerous form than paper.
the one-yearish anniversary of Gov. Haley’s failure to protect our financial data, followed by a 16-day “cover up” before she announced the breach. (The attack occurred in September, the federal government informed the governor Oct. 10, and she announced it on Oct. 26.)
what we didn’t hear a thing about — from the governor — was how we fix the systemic problems that ultimately invited the largest breach of state government data in the country to occur here in South Carolina.
Simply fixing the security procedures at the Revenue Department is not adequate. Neither is it adequate for every government agency in South Carolina to review and update its own cybersecurity policies — though that too is necessary, and incomplete.
What we need is a system that requires smarter security and that can recognize the absence of that long before our vulnerabilities turn into disasters.
We freaking got hacked…..AGAIN……….DOOFUS DID IT AGAIN …UH … UH …UH…
Read more here: http://www.thestate.com/2013/10/27/3059067/scoppe-in-hacked-sc-a-year-of.html#storylink=cpy
Seanna, ya dumb ass, how is it free if we’re paying for it? Maybe you should pull your head out.
Wonder how much kick-back money is making it’s way to an off-shore account?
Law firm (Nelson Mullins) tries to clear up confusion about how Experian deal reached
November 27, 2012
COLUMBIA — Thad Westbrook of Nelson Mullins, a law firm representing the state in the aftermath of a massive cyber breach now says NO competitors were contacted before the state reached a $12 million no-bid contract with Experian.
Attorney Jon Neiditz of Columbia firm Nelson Mullins said the confusion over whether the firm had contacted other credit monitoring companies resulted from an unclear statement made by another attorney, Thad Westbrook.
The Revenue Department reached an initial agreement with Experian just before the breach affecting millions of current and former S.C. taxpayers was first announced publicly on Oct. 26.
The confusion over whether Thad Westbrook of Nelson Mullins ever reached out to Experian competitors began at an Oct. 30 Senate Finance Committee hearing from comments from Nelson Mullins attorney Thad Wetbrook.
Revenue Department Director James Etter, who is resigning effective at the end of this year, correctly told senators that no other companies were contacted besides Experian.
But Nelson Mullins attorney Thad Westbrook immediately followed up and told senators that pricing was obtained from two other firms but Experian had the ability to scale up quickly in an emergency situation.
Weeks after the hearing, Revenue Department spokeswoman Samantha Cheek named the other two companies that Nelson Mullins had obtained estimates from as Citreas and Identity Force.
Obtaining pricing information from Experian competitors and examination did not include reaching out to them.
Neiditz said he had pre-existing pricing information from various cyber security companies and knew Experian could offer the best deal. The leaders of other firms have disputed that assessment.
Neiditz said Monday that Thad Westbrook’s statement during the hearing caused confusion.
“It wasn’t clear,” Neiditz said. “It led to the impression that other companies had been contacted….I mentioned those vendors to him.”
Some senators have expressed concerns about the state’s NO-BID contract with Experian.
Anderson GOP Sen. Kevin Bryant said it’s worrisome that no other companies were approached following the breach.
“This snowball just keeps getting bigger and bigger as time goes by,” Bryant is co-chairman of a new oversight panel tasked with looking into the cyber attack.
Normally, state contracts are struck following a request for proposals from various companies.
The law states “competition as is practicable SHALL be obtained.”
Neiditz recommended Experian to his firm, which then recommended Experian to the state. Nelson Mullins and their attorneys are being paid an estimated $100,000 for its work assisting the state.
…EXPERIAN and two competitors as Thad Westbrook and Cheek said, but NEVER contacted any of them before deciding on Experian.
Neiditz said he first contacted Experian on Oct. 23, three days before the breach was announced.
Etter had told senators during the hearing that Experian was first contacted on Oct. 25.
The Secret Service alerted state officials to the breach on Oct. 10.
“As a result, I don’t think that those business models received full consideration. Neither did other companies.”
The CEOs of Citreas and Identity Force said that their pricing would have been competitive with Experian and their services would have been superior in some ways.
Vendors likely would have been beating down the state’s doors and possibly could have provided a better deal…
Nelson Mullins and their attorneys are being paid an estimated $100,000
http://www.postandcourier.com/article/20121127/PC16/121129491/
Yeah, I am going to trust South Carolina with my identity…NOT