If you thought you were getting off easy when the South Carolina Dept. of Revenue didn't show up in your mailbox late last year when the first letters notifying S.C. taxpayers that their filing information was one of the 3.6 million stolen from state servers during a security breach that began in September, check your email.
This week, an unknown number of emails are being sent to unlucky taxpayers from "Experian on Behalf of South Carolina Department of Revenue"—Experian is the Ireland-based international credit monitoring company contracted with the state to provide monitoring services at no cost to taxpayers.
The emails are being sent over the next week, the Department says, to those who signed up for Experian's 'ProtectMyID' service after state officials advised all those who had paid taxes in S.C. since 1997 to take the necessary precautions by signing up for the free monitoring, which normally normally carries nearly a $200 a year price tag, according to the company's website.
Breach notification EMAILS are being sent from Experian to those already enrolled with ProtectMyID - emails will be sent through next week.
— SCDOR (@SCDOR) January 30, 2013
In all, 3.6 million taxpayer records were compromised in addition to more than 657,000 business filings and 16,000 credit cards thought to have been exposed by the hacker, who officials suspect operated from overseas. The agency mailed letters to those who had not signed up for ID theft monitoring beginning in early December.
In response to the breach, the state came to an additional $10 million agreement for a second year of Experian coverage for all South Carolina taxpayers and Gov. Nikki Haley announced the resignation of Dept. of Revenue director James Etter. The agency has reportedly undergone substantial changes as the state rethinks its approach to cyber-security, touted as a major priority from lawmakers in both parties in the new legislative session.
Have you received an email? Let us know what years you filed: firstname.lastname@example.org