SC Agency Says Hacker May Have Accessed Personal Info of Thousands

EIP Security Breach (Added: January 18, 2011)

The personal information of about 5,600 people may have been stolen when a hacker broke into a computer at the SC Budget and Control Board's Employee Insurance Program. (more)

0 Ratings | 74 Video Views

Post a Comment or Rate this Video

» View More Videos

By: Robert Kittle | WSPA-TV
Published: January 18, 2011
Updated: January 18, 2011 - 6:11 PM

Columbia, SC --

The director of the South Carolina Budget and Control Board's Employee Insurance Program says a hacker got into an agency computer last November and may have accessed the personal information of about 5,600 people.

The program provides insurance for state employees, including teachers, as well as retirees and their families.

Program director Stephen Van Camp says the hack occurred within ten days before November 18, 2010, which is when it was discovered. An employee with the EIP opened an email with an attachment and the attachment launched a hacker virus.

Van Camp says the hacker may have accessed people's names, addresses, Social Security numbers, dates of birth and benefits ID numbers, but no health or medical records. The attack was limited to one computer, not a server or the entire program.

The program sent letters on January 14 to the people whose records may have been accessed letting them know how to put a free security freeze on their credit report and how to get a free copy of their credit report. The agency also reported the hack to the credit bureaus.

Anyone in the program who hasn't received a letter is not affected.

Van Camp says it took almost two months to send out the notifications because the agency had to first reconstruct everything that happened on that computer during the ten-day period to figure out whose information may have been accessed.

The Budget and Control Board is chaired by South Carolina's governor, so the hack occurred before Gov. Nikki Haley was a member of the board. But now that she chairs it, she says changes have already been made.

"It's not anything that we want in South Carolina. It's certainly not something to be proud of," she says of the security breach. "What I am proud of is that we have new leadership on the Budget and Control Board with Eleanor Kitzman. She is on it. We called her immediately. She was already on it when we called her."

Van Camp says the program has new hardware and software in place to try to prevent future hacks. He says investigators think the hacker was from outside the U.S.

No one has contacted the agency so far, he says, to say their personal information has been misused.