At an October 21 press conference in front of Charleston City Hall, SCDP Chair Jaime Harrison said the state party will host eight silent vigils in the state, and to remind citizens of their still ongoing risks from the hacking of a state website under Haley’s watch last year.
“Over the next week, South Carolinians will gather in local communities to mark the 16 days that Nikki Haley hid the truth from millions of people,” Harrison announced.
Exact times and locations of the events are still being scheduled, according to Kristin Sosanie, communications director of the state party.
Data including the names, addresses, Social Security numbers, unencrypted bank account information and credit/debit card account numbers of about 3.8 million South Carolinians was stolen last year from the state Dept. of Revenue’s site. Similar financial information of almost 700,000 businesses in the state was also hacked from the same website.
“This was the failure of Nikki Haley,” Harrison said.
U.S. Secret Service first discovered the hacking from a foreign Internet address on Oct. 10, 2012, and immediately informed state offices, including Haley’s; the state didn’t block hacker access to its sites until 10 days later.
No public announcement about the incidents was made until Oct. 26, 2012.
“The question is, then,” Harrison asked today, “is [Haley] fit to be governor of South Carolina, not just because of the hacking but for covering it up for two weeks?”
The Privacy Rights Clearinghouse told Charleston’s Post & Courier that the incident was “the largest hacker-related data breach [it] has heard of involving a state government(.)”
The personal risks of the cyber attack could be still be ongoing for five years, Harrison said.
Harrison also criticized Haley’s response to the situation after its public announcement, stating the contract for citizens’ free-year credit monitoring was made without competitive bids, and through a company that used the opportunity to request users pay for additional services. In addition, he noted, the $12 million cost of that Equifax contract was assumed by all taxpayers in the state.
He did encourage state residents to use the offer for one-year extension of that service, however.
South Carolina citizens and businesses may begin application for credit monitoring with CSIdentity Corp. on October 24, the state Budget and Control Board announced earlier this month.
“This problem will outlast [Haley’s] administration,” Harrison said, “even when she’s long gone from the governor’s mansion.
“The sad part is she’s just sweeping it under the rug.”
While certainly the best known and most damaging, the October 2012 incident wasn’t the only risk to citizens’ private data last year under Haley.
In April 2012, the state Dept. of Health and Human Services inadvertently released almost a quarter-million private medical records. In December 2012, South Carolina’s Dept. of Employment and Workforce website was shut down by a hacker.