Help your clients affected by massive South Carolina taxpayer data breach
Hacker illegally obtained millions of SSNs, thousands of credit and debit card numbers
South Carolina Department of Revenue officials announced Friday that 3.6 million Social Security Numbers (SSNs) and 387,000 credit and debit card numbers belonging to South Carolina taxpayers may have been exposed in a cyber attack. According to officials, 16,000 credit card numbers were unencrypted. The attack originated from a foreign Internet address.
According to the South Carolina Department of Revenue, attempts to breach the system began in late August, with repeated attempts through September, when the hacker gained access to taxpayer information. On Oct. 20, the system breach was closed.
According to one report in The Charlotte Observer, the stolen data included other information associated with tax returns, such as names and addresses. The Charlotte Observer also reported that business Taxpayer Identification Numbers were potentially exposed in the attack. Calls made by Beyond415 researchers to the South Carolina Department of Revenue to confirm whether any Employer Identification Numbers were part of the breach were not returned.
Here’s what you can do now to help your clients
Determine whether your client has been affected. If your client has filed an individual or a business state tax return for South Carolina since 1998, call the South Carolina Department of Revenue at (866) 578-5422 to determine whether your client has been affected. South Carolina is providing affected taxpayers with one year of credit monitoring and identity theft protection.
If your client has been affected, follow these steps:
- If your client’s credit or debit card has been compromised, have your client contact his or her bank to request that the bank cancel and reissue the card.
- Enroll your client in Experian Identity Theft Protection, provided by the South Carolina Department of Revenue.
- Have your client regularly review credit reports for discrepancies.
- Place fraud alerts and a security freeze on financial and credit information with the three credit bureaus:
Stay up to date on developments. Visit http://www.sctax.org/security.htm and www.scacpa.org for updates on the extent of the information breach. According to South Carolina officials, SSNs and credit and debit card numbers were exposed. It remains unknown whether other critical information was exposed, such as dependent SSNs and adjusted gross income amounts.
Use IRS resources. An IRS official advises tax professionals to share IRS online tool kits with their clients and other tax professionals to help initiate action to protect their identities.
- Taxpayer guide to identity theft: http://www.irs.gov/uac/Taxpayer-Guide-to-Identity-Theft
- Identity protection: http://www.irs.gov/uac/Identity-Protection
- Additional resources: http://www.irs.gov/uac/Helpful-resources:-Publications,-articles,-YouTube-videos-and-other-identity-theft-related-outreach
Use Beyond415 identity theft guidance and workflows. The identity theft process is one of the dozens of post-filing issues covered in Beyond415. Use the system’s guidance, documents and workflows to report your client’s tax identity theft to the IRS. With Beyond415, you can also set follow-up reminders to ensure your client remains protected from tax identity theft.
Authoritative and up-to-date practice and procedure guidance at your fingertips.
Starting at $19.95 per month
Workflow automation helping small firms save time and handle post-filing issues with confidence.
Starting at $39.95 per month
Expanded workflow automation designed to help large firms standardize their processes and reduce unbillable time.
© 2010-12 New River Innovation, Inc. All Rights Reserved. Patents Pending.