COLUMBIA, SC — Gov. Nikki Haley’s Democratic rival called Thursday for the Republican to release details on how a hacker stole millions of taxpayers’ information, drawing the ire of state Senate GOP leaders.
“The people whose information was hacked into deserve to know what happened two years after it happened,” said state Sen. Vincent Sheheen of Camden during debate of the state budget.
Majority Leader Harvey Peeler, R-Cherokee, said Sheheen – who has made trouble in Haley’s cabinet agencies a central theme of his campaign to unseat her in November – should have started his speech from the Senate podium with “I approve this message.”
Sheheen fired back at Peeler, calling him “Nikki Haley’s hack.”
The still-secret report was compiled after a hacker breached the state Department of Revenue in 2012, stealing electronically filed tax returns for 3.8 million consumers and 657,000 businesses. Since then, the state has spent millions on security upgrades and credit monitoring for S.C. taxpayers.
Sheheen introduced a proposal that would have forced Haley to release the report, but it was ruled out of order for not relating closely to state spending.
An earlier effort to kill Sheheen’s proposal failed on a 21-21 tie, which Lt. Gov. Glenn McConnell, R-Charleston, broke by keeping the debate alive. Four other Republicans – Sens. Lee Bright, R-Spartanburg; Kevin Bryant, R-Anderson; Hugh Leatherman, R-Florence; and Luke Rankin, R-Horry – also opposed killing the proposal. Sheheen said he plans to revise his proposal and reintroduce it.
Two years after the hacking incident, Sheheen said, it’s “highly unlikely” that allowing the public to know what is in the report would jeopardize catching the as-yet-unapprehended hacker.
But Chief Mark Keel of the S.C. Law Enforcement Division, who came to the legislative chamber during the debate, and Special Agent Felica Rude with the U.S. Secret Service both said Thursday their agencies do not support releasing the report publicly. The ongoing investigation, Rude said, is a “high priority.”
Sen. Larry Martin, R-Pickens, asked Sheheen whether he was suggesting that law enforcement leaders were hiding something.
“In my experience, law enforcement always says to keep things secret,” Sheheen said, later adding law enforcement is not part of a cover-up. Their “goal is to catch bad guys,” he said.
“The Secret Service, SLED, and Sens. Peeler and Martin said everything that needs to be said,” said Haley spokesman Doug Mayer. “Senator Sheheen embarrassed himself, and should be more careful when trying to turn serious security issues into political games.”
Sen. Brad Hutto, D-Orangeburg, also called for the report’s release, saying its contents could reveal whether spending millions of dollars on credit monitoring for taxpayers – up to $6.5 million in the budget that lawmakers now are considering – is justified. The public has a right to know, he said, whether a $25,000 dual-password system could have prevented the hacking incident, as a security firm has said.
Hutto also said he was told, by sources who he would not disclose, that the hacker was paid off by the federal government in exchange for returning state taxpayers’ stolen information. Stealing and ransoming the data, Hutto said, is less risky for the hacker than trying to sell the information. Hutto said the payoff likely ended the threat to S.C. taxpayers, as evidenced by the lack of reports of fraud tied to the incident.
While the report is not available to the public, lawmakers can see it if they sign a confidentiality agreement. Only five copies are supposed to exist, one for each member of the S.C. Budget and Control Board, which Haley chairs.
No lawmakers have asked Haley’s office to see the report, including Sheheen and Hutto. Asked why they have not read the report, both said they did not want to be barred from discussing the matter.
Staff writer Andrew Shain and the Associated Press contributed. Reach Self at (803)771-8658