As the state continues to reel from the hacking scandal at the Department of Revenue, the news that it might have been prevented by filling a single security position is simply staggering.
According to testimony in a hearing recently before a Senate committee investigating the breach, the Department of Revenue’s top cyber security position went unfilled for almost a year until last August because the state couldn’t find anyone to take the job for the proffered $100,000 salary.
In hindsight, paying the going rate would have been a bargain. A cyber security specialist might have identified problems and installed needed safeguards before the system was breached in September.
And that wasn’t the only costly omission, as the committee learned.
A $25,000 system that the state is putting into service could have prevented the breach at the DOR by adding another password requirement for those logging on remotely.
That might have countered the credulous DOR employee who was tricked into providing access to the hacker, who stole the tax data of some 3.9 million taxpayers.
The ad hoc Senate committee will continue to hold hearings periodically until the Legislature returns to session in January, and then issue a report on its findings.
It should provide needed oversight and accountability on a matter of vital concern to virtually everyone in the state.
While Sen. Kevin Bryant, R-Anderson, takes the cabinet agency to task for its shortcomings, he does agree strongly with Gov. Nikki Haley on one issue – the need for state residents to contact the Internet security firm Experian for protection.
So far, some 900,000 taxpayers have taken advantage of the protection provided by the state through Experian.
It’s time for taxpayers to contact Experian to ensure that protection will be extended before the Jan. 31 deadline.
There no sense in compounding the state’s errors with procrastination.