ProtectMyID is a free service that is paid for by the State of South Carolina. Do not give anyone your credit card number for anything related to the data breach at the Department of Revenue.
We have helped many people here over the past few days, mostly with directions on how to get to the right place. We notice that there seem to be quite a few elderly people having difficulty trying to navigate this process. It sounds like this is the first time many of them have turned on the computer since the grand kids came to visit this summer. This could be a recipe for disaster. What we may find is that the cure may be worse than the disease. In the rush to do something in panic we may create more identity theft incidents than the original data breach.
Case in point, one elderly couple who called us seemed quite adept at following our instructions to get them to the correct web site. We directed them to our website so that they could click thru to the proper www.protectmyid.com/scdor website. But no matter how many times they did it correctly, the ended up on a website that wanted them to pay $15 using their credit card. My guess is that they have some sort of virus on their computer that hijacks their web traffic to pirate sites.
This could get ugly.
We are updating What we think we know about protectmyid/scdor 2 here with the little we have been able to find out so far. But I want this topic to be at the top of the blog list for anyone who needs to get up to speed quickly.
The State Newspaper in Columbia has published an article that doesn’t mince words.
A common theme that seems to recur in the questions that we are fielding at Tax On Wheels, LLC is how do I find out if my information is in the group that was compromised?
We have not been able to find any announcement from the state of South Carolina indicating whether there are certain groups of taxpayers who are more at risk than others in regard to the hacking incident at the South Carolina Department of Revenue. As far as we can tell everyone is at risk and needs to follow the instructions provided by the state.
Dependents who were listed on the tax returns filed with the state are at risk as well and need to be considered when deciding how to protect your information. There was discussion at the press conference this morning of a “family plan” which is designed to protect dependent children.
If anyone is asking for your credit card number or is otherwise trying to charge you money you are probably in the wrong place.
There is no urgency here folks. The damage is done. We recommend that you slow down and fully understand what we are doing here. The criminals will be in full bloom on this issue and if you are not careful you could make a bad situation worse by giving your information to the wrong people.
If there are any news media representatives reading this we encourage you to do basic step by step stories to help people understand the issues here. Many people just don’t seem to understand how this works. There are elderly people calling Tax On Wheels, LLC in a panic because not only do they not have an email address, they don’t have a computer or even know how to operate one. So how are they supposed to sign up for the protection offered by the state.
There seems to be a bit of a panic setting in, and we urge everyone to remain calm.
Update November 2, 2012
The South Carolina department of Revenue has issued a PDF document that summarizes the events surrounding the recent security breach and their recommended actions. Click here to view the document.
There is also a new web page that provides information about the incident including information for businesses exposed to the security breach.
We have had two press conferences and we still don’t know the extent of the damage. We know that only expired credit cards were stolen, so no problems there. But no one has publicly indicated whether we should be concerned about the checking and savings accounts that are attached to tax returns for the purpose of direct depositing tax refunds or paying balances due. Clients are asking if they should start closing their bank accounts to prevent problems. Right now we just don’t have an answer to that question.
The press conference has ended and it looks like we still don’t know very much.
News organizations have begun putting up stories.
Here are some that seem relevant
2. The Post and Courier in Charleston
4. WIS Television in Columbia “Credit protection is retroactive”
5. The State Newspaper in Columbia “Data Breach about the worst you can get”
6. Silobreaker a national/international news aggregation website collects some stories
8. WMBF in Myrtle Beach/Florence “How the SCDOR website breach affects your family”
9. WYFF4/NBC news in Greenville “How to Protect Your Children in the SCDOR Security Breach”
10. The New York Times finally gets in on the story
We will continue searching for relevant stories and add to the list as we find them.
The national news media has been eerily silent about the South Carolina data breach. I guess they are all busy reporting on the “FrankenStorm” aka Hurricane Sandy. Both the storm and the story have just about run their course, so hopefully the majors will begin to weigh in on the South Carolina story.
During the press conference on Tuesday morning State government officials indicated that only 5000 credit card numbers were taken and all 5000 were expired. So no active credit cards were taken. No mention of checking or savings accounts which were linked to tax returns for the purpose of direct deposit of tax refunds or balance due payments.
Video information on ProtectmyId
We posted this IRS resource on an earlier post.
IRS representatives have just distributed to tax professionals a link to a similar page here.
And we have some generic identity theft tips in our TaxTips newsletter here.
The press conference just ended, and it sounds like the authorities are not able to tell us much more than we already know. I will try to post some links to news stories from the media as they are posted.
Click here to view “What we think we know 2”
We have gotten many calls about the incident with the South Carolina Department of Revenue security breach and we are happy to help as many of you as we possibly can.
In order to assist as many people as possible we will update this blog as official information becomes available.
It appears that as of now if you want to protect your own social security number and the social security numbers of other family members, such as a spouse or elderly parents, you will need to have a separate email address for each social security number. This appears to be a limitation in the system as of Sunday October 28, 2012.
We just spoke with a client who was able to use the same email address for both spouses by using a separate userid and password for each spouse. So it appears that multiple email addresses are not required.
There is a press conference scheduled for Monday October 29, 2012 at 10:00 am. We recommend that you not take any action until after that press conference and perhaps the situation will be a little less confusing.
Welcome to Tax On Wheels, LLC
Please visit our blog to read the latest information on the South Carolina Department of Revenue security breach
If you are trying to reach the website to sign up for the free year of credit monitoring due to the South Carolina Department of Revenue security breach click here.
The website offered by the state of South Carolina Department of Revenue for tax filers who may be potential victims of identity theft is back up and online as of Sunday night. You may click through to www.protectmyid.com/scdor. The code needed to access the website is widely being reported by the media as “SCDOR123”.
It is also being reported that authorities will hold a press conference Monday morning October 29, 2012. Hopefully, this event will provide more specific information on what is at stake and how tax payers can better protect themselves.
We continue to recommend to our clients that you not take any action related to this incident until the dust settles. This problem will persist for months if not years and we see no advantage to being first in line to take advantage of the limited resources that are being provided at this time.
As always, you should be vigilant about protecting your credit and other financial matters. We have provided some generic tools to use in protecting your finances in our newsletter, TaxTips. You may click here to download a PDF version of the latest TaxTips newsletter.
The problem, as we see it, is that criminals will still have access to our social security numbers long after the one year of free credit monitoring has expired. And the question becomes, what then? Right now that question has not been addressed.
I suspect that this is a large enough breach of security that, at least in South Carolina, we may begin to implement laws which provide consumers with the ability to control their own credit profiles, rather than allowing that information to be at the mercy of profit making ventures which do not exercise sufficient care and diligence to eliminate this type of threat . Perhaps we will discuss this in more detail later.
For right now the watch phrase seems to be hurry up and wait. So let’s see what they have to say Monday.
As always, please feel free to contact Tax On Wheels, LLC at 803 732-4288 if you have questions or concerns.
This post is no longer valid and has been updated here
As of Sunday afternoon, October 28 2012 the ProtectmyId.com/scdor website appears to have been purposely taken down.
This is what you see when you click on the protectmyid.com/scdor link
