Armed Polite Society

Main Forums => Politics => Topic started by: Waitone on October 27, 2012, 11:23:26 PM

Title: SC Dept of Revenue Hacked
Post by: Waitone on October 27, 2012, 11:23:26 PM

http://www.thestate.com/2012/10/26/2496396/south-carolina-taxpayers-privacy.html

Just lovely!  DoR hacked.  A few details
--Secret Service detected the breach, not SC geeks
--Took 10 days to close the breach, six more days to inform the public
--387,000 credit card and debit cards exposed
--3.6 milllion social security number compromised.
--First attack occurred 2 months earlier and the state did not know of it.

And my personal favorite

Quote

Most of the data had not been encrypted, meaning the hacker would not need a key to a secret code to read the stolen data.

My second most favorite is when the state got around to hiring someone who knew what the hell they were doing they discovered they had been breached one month earlier

Un'effin' believable. <breathes deeply, focuses on a distant object, goes to a safe warm place>
Screw that . . . . I want head bouncing down the state house steps.  [ar15]

Title: Re: SC Dept of Revenue Hacked
Post by: Scout26 on October 27, 2012, 11:39:49 PM

Hey, Jocasse and Avenger 29.

Im haxin in ur bank accounts.....

and *expletive deleted*it, there's nothing there but cobwebs and pocketlint.


You guys need real jobs....

 :P :P

Title: Re: SC Dept of Revenue Hacked
Post by: kgbsquirrel on October 27, 2012, 11:52:18 PM

 :facepalm:  Why again isn't this sort of thing airgapped?

Title: Re: SC Dept of Revenue Hacked
Post by: birdman on October 28, 2012, 08:18:32 AM

Quote from: kgbsquirrel on October 27, 2012, 11:52:18 PM

:facepalm:  Why again isn't this sort of thing airgapped?

Now a days, airgapping is exceedingly rare.  And even then, it never works (just ask Iran)! Because it relies on everyone that has access not being complete idiots.  Since the human race is dominantly composed of idiots, any system that is useful (ie has many users) WILL have idiot users, and thus, air gapping won't work.  The only way for a system to be truly secure is for it to be off, physically secure, and have no users whatsoever.  Of course, then it's useless.

In ITSEC, it's a trade between utility and security.  PERIOD.

Title: Re: SC Dept of Revenue Hacked
Post by: lupinus on October 28, 2012, 08:44:11 AM

That be our lovely state.

That part that pisses me off isn't even so much that there was a breech. It's that the *expletive deleted*ing thing wasn't detected and that all the info wasn't *expletive deleted*ing encrypted.

Title: Re: SC Dept of Revenue Hacked
Post by: Waitone on October 28, 2012, 11:42:18 AM

Yeah, the no encryption part chaps my rear end. 

Title: Re: SC Dept of Revenue Hacked
Post by: Waitone on October 28, 2012, 07:42:31 PM

It seems the federales think it was Russian hackers to who broke in AND the reason for the delay is cooperation with a federal investigation.

Also it appears someone (federales) has ransomed the stolen data.

http://www.fitsnews.com/2012/10/28/who-hacked-south-carolinas-revenue-department/