COLUMBIA, S.C. (12/10/12)--The South Carolina Department of Revenue last week received court approval to release the 3.3 million financial institution account numbers compromised in an October data breach to determine which taxpayers' accounts are at risk.
In the Court of Common Pleas for Richland County, the Revenue Department summoned the South Carolina Credit Union League (SCCUL) and South Carolina the Bankers Association (SCBA) and asked for an exemption from the state law that prohibits release of any tax return information (The Post and Courier Dec. 7).
The state Department of Revenue required permission from a judge because the agency is not allowed under state law to release the information to the financial institutions without a judicial order. Credit unions and banks now can request their account numbers.
Judge James R. Barber III ordered the agency to provide the account numbers as soon as possible.
"With this decision given, we and the SCBA are identifying the best method for providing our member institutions the information our taxpaying members and customers need to protect themselves," Steve Fowler, SCCUL president/CEO told News Now. "Once complete, these procedures will dictate that information is provided only at the request of the account holder, and that in return it is accessed solely for resolution to potential identity theft and fraud--nothing more."
As many as 3.8 million individual taxpayers, 1.9 million dependents, 699,900 businesses, 3.3 million bank accounts and 5,000 expired credit card accounts were compromised, according to to Mandiant, a cyber security company hired by the state to investigate the incident.
The data could be used to steal identities, make fraudulent purchases and illegally access bank accounts, according to experts.
The breach was initiated when someone clicked on a malicious "phishing" e-mail sent to multiple Revenue Department employees in August.