The South Carolina State Library has partnered with the South Carolina Department of Revenue and the South Carolina Department of Consumer Affairs to provide the public with information on how to minimize the possibility of identity theft. The free webinar, The Truth About Identity Protection, will address the issues of security breaches, credit reports, and enrolling in credit monitoring for South Carolinians.  Staff members from these state agencies will provide detailed information and resources and also be available to answer questions during this online session.

You may visit the South Carolina State Library website for details.

Please contact Tax On Wheels, LLC at 803 732-4288 if you have questions.

The South Carolina Department of Revenue has begun sending out letters notifying taxpayers about the theft of social security numbers and other information.  The letters confirm that only electronic filers are affected.   Taxpayers who have already signed up for the state provided identity theft protection are supposed to be notified by email.

Click here to review the details surrounding this issue and click here to read our recommended action list to help protect yourself from the risk of identity theft.  Or feel free to contact Tax On Wheels, LLC at 803 732-4288 if we may assist you with this issue.

In light of the debacle at the South Carolina Department of Revenue where confidential information for millions of taxpayers, including social security numbers, was stolen, credit monitoring has been a hot topic of discussion.  The state has paid for one year of credit monitoring through Experian for everyone affected.  But what happens when that year runs out.  There has been talk of the state possibly paying for a second year of credit monitoring for everyone but it is expected that everyone will pretty much be on their own when the year (or two) expires.

It turns out that there are free resources available for people who are unable (or refuse) to pay for credit monitoring.  This New York Times article provides details on free online services that may be a cost free alternative to paying for credit monitoring.

We have not reviewed or used these services nor do we recommend this or any other credit monitoring service.  We are simply providing information about available resources which you may find helpful.  As with any, online service, please make sure you check it out carefully and know the details before you sign up.

Please be sure to give Tax On Wheels, LLC a call at 803 732-4288 if you have questions about this or any other tax issue.

South Carolina taxpayers who are affected by the Department of Revenue cyber hacking incident will have an additional two months to sign up for free credit monitoring at www.protectmyid.com/scdor.

WIS Television in Columbia SC is reporting that the deadline for signing up has been extended until March 31, 2013.

–     Call 1-866-578-5422 to enroll in a consumer protection service. (The call center is open 9:00 AM – 9:00 PM EST on Monday through Friday and 11:00 AM – 8:00 PM EST on Saturday and Sunday.)

–      For any South Carolina taxpayer who wishes to bypass the telephone option, there currently is an online service available at http://www.protectmyid.com/scdor. Enter the code SCDOR123 when prompted.

The South Carolina Department of Consumer Affairs in conjunction with the South Carolina State Library is offering a free webinar to provide information on avoiding and detecting identity theft.  The webinar will be conducted on Tuesday, December 18, 2012 10:30 AM – 11:30 AM EST.

The webinar is free and open to the public.  Click here to register to attend.

Additionally, the South Carolina Department of Revenue and the South Carolina Department of Consumer Affairs, have partnered with the State Library to offer educational webinars designed to inform the public on how to enroll in credit monitoring and learn more about how to minimize the effects of a security breach.  The YouTube video of a previous session is included below for your convenience.

According to an article published in the State Newspaper, South Carolina tax filers who were subject to the social security number theft at the Department of Revenue will have a day to be able to sign up for the ProtectMyID identity theft protection without a computer.  Read the article for details.

Computer technology has become so ubiquitous that decision makers sometimes fail to realize that there is still a world full of people who live their lives (just fine thank you very much) without computers, smartphones, social networking or the internet.

Thankfully, the ProtectMyID service is supposed to be available to the Luddites on Saturday morning December 8, 2012.

It took a couple of weeks for the public to be notified of the theft of South Carolina tax information and a couple more weeks for useful information to begin to trickle out.  With that as the foundation of this issue it is apparent that speed is not going to save the day.  So there really is no need to get into a panic and rush through anything.  For those of us who have had our tax information stolen this will be a race of endurance, perhaps a lifelong struggle to secure our identity.

The SCDOR cyber theft heralds the end of a world where there is even a semblance of privacy.  If it ever did exist, privacy is certainly a thing of the past.  South Carolina is simply the biggest fish to get caught so far.   Even before the SCDOR hacking was announced to the public, a major insurance company contacted authorities regarding the theft of several thousand social security numbers in a similar cyber theft incident.  Folks, we are simply not in Kansas anymore.

Before we provide our list of recommended actions to protect yourself from these crimes, I would like to ask you a few questions.

  • Why is it that we have to take specific affirmative action to stop the credit bureaus from giving our private information to whoever is willing to pay them for it?
  • Why doesn’t the system require us to take some action to authorize the use of our information?
  • And if it is our information and it belongs to us why do they get paid for it?

While you are chewing on that let’s explore the grassy knoll a bit more and list a few things that I think you can do to protect yourself not only from the criminals working outside the system but also from the fine upstanding corporations who trade our identities like so many marbles after school at the neighborhood playground.

  1. Yes, by all means, sign up for the ProtectMyID/scdor free year of credit protection, as woefully insufficient as it may be and as complicit as the credit bureaus may be in causing you to need this protection.  Hen house meet fox!
  2. Credit protection will not protect your bank account.  Therefore you will need to determine how best to protect any account that was used to receive a state of South Carolina tax refund or pay a South Carolina balance due on any efiled tax return since 1998.  I struggled with the wording of this recommendation but I think the best thing I can say is “contact your financial institution and let them help you determine whether or not you need to close your bank account.”  There is an interesting article here that discusses the bank account issue.  One point raised in the article is that your bank account information is on every check you write so that information is already out there.  To which I would reply A. Who writes checks anymore and B. If we do write a check it is usually not written to Russian cyber criminals (unless you count birthday checks to the grand kids).
  3. Monitor your bank accounts daily or at least weekly.  If you are afraid of online banking it is time to educate yourself and overcome that fear.  It simply is not sufficient to wait until the monthly statement comes in the mail 30 to 40 days later.  By then the damage is done.  Sure the bank may replace all of your stolen money a few days or weeks later  but you are still the one that will have to go all over town explaining why your checks bounced if your money is stolen.
  4. Review every item on every credit card on every statement every month. And don’t let them talk you into getting online statements instead of paper statements unless you are a college student and your address changes every 9 months.  Online statements can easily get caught up in the rush of all the other junk email that comes into your in box. If you plan to be at your address for the next 20 years request the paper statements.  Besides, the post office needs the work.
  5. Purchase a high quality cross cut shredder and shred those bank and credit card statements after you have reviewed them for accuracy.  Do not let your information leave your house by way of the garbage.
  6. Promptly open and read every piece of mail that comes to your mailbox even if it looks like junk mail.  Some of that mail may hold clues that something strange is happening with your credit information and allow you to nip it in the bud.
  7. Go online and Google yourself (ask your grand kids if you don’t know what that means).  You might be surprised at all of the information about you that is already floating around out there for anybody willing to look for it.  And its all legal.  Available data include your birth date, the price you paid for your house, a picture of your house (both aerial and street view) with a map to your house, a list of your relatives, your arrest records, your occupation, your education and who knows what else.  And this is for anybody with an internet connection.  Just imagine what can be found by people with special tools, training and a bit of larceny in their hearts.  The point is that there is no such thing as privacy.  Govern yourself accordingly.

This list is still evolving and may grow as we find new information so check back often.

If you need assistance with the issues raised in this post please feel free to contact Tax On Wheels, LLC at 803 732-4288.

 

The released version of the Mandiant report can be found here.  Not much volume in the report.  It appears to be more of an executive summary.  The entire document is only 4 pages long (and one of those pages is the cover page).

But it doesn’t really matter much since the report mostly focuses on who did what, how they did it and when they did it.  I am sure the law enforcement types will be very interested in this type of information.  But for those of us concerned about protecting ourselves from the perils of this incident there simply isn’t any useful information here.

The press conference (see below) provided more interesting revelations.

The state confirmed that bank account numbers were in fact stolen. 

Apparently everyone affected by this data theft will be contacted by the state.  The state has indicated that they have a much better idea of exactly who is affected.  It appears that only taxpayers who filed electronically were exposed.  Paper return filers appear to be unaffected.  I hope the state will implement some sort of public relations campaign to reassure taxpayers that electronic filing and direct deposit will be a safe and secure process going forward.  You can see how the public might arrive at the conclusion that it is safer to mail a paper return and receive a paper refund check.  Tax On Wheels, LLC has always encouraged clients to e-file and use direct deposit and direct draft to receive refunds and settle balances due.  It would be a shame to see 20 years of progress lost to this incident.

The only other big announcement is that the director of the SC Department of Revenue will commit hara-kiri effective the end of the year by resigning.

Stay tuned for our client recommendations related to this incident, we are still researching the details but we hope to post the recommendations in the next day or two (maybe three with the holidays).

Other than that just see the press conference for yourself and form your own opinions.

This looks as bad as we suspected it would be.  We have not read the report but several news outlets are reporting key details.

The Post and Courier in Charleston has the best summary right now

1.  Yes, the thieves stole bank account information in addition to social security numbers.

2.  The State knows exactly who had their information stolen and who is not exposed.  Apparently anybody who filed paper tax returns and did not filed electronically for any of the affected years  is “safe”.

3.  The Director of the Department of Revenue will resign by the end of the year.

Tax On Wheels, LLC will probably have specific recommendations for our clients after we read the report.  We will post our recommendations here for anyone who is interested.

 

 

As we try to find out what has happened, and who it has happened to, in the SC Department of Revenue cyber hacking cases the details have been painfully slow in coming to light.

State officials have drifted into basic radio silence with no new press conferences since the initial flurry near the beginning of November.  And while everyone seems to have calmed down since the initial panic, the whole cyber hacking  affair seems to have fallen into something of a stasis.  Not much new has occurred since the announcement of ProtectMyID from Experian, which given the magnitude of the potential problem, seems to be woefully inadequate at just one year of coverage.

Even though we still don’t know much about what happened, the State Newspaper has a good  article summarizing what we know and don’t know about the cyber hacking as well as a list of questions we still need answered.  The article can be found by clicking here to go their website.