It didn't take the Internal Revenue Service long to set the record straight after Governor Nikki Haley put the responsibility of the security breach on the Department of Revenue computer system on what she described as lax IRS standards.
Governor Haley has presided over the public relations effort of one of the largest cyber attacks of any government agency in the history of the United States.
Now, less than a month after going public with news of a hacker stealing the personal information of more than 4 million taxpayers and businesses, Haley's Department of Revenue chief resigned. And the governor has shifted blame to the federal government.
"When you combine the fact that we had 1970 equipment, combined with the fact that we were IRS compliant...[it]was a cocktail for an attack," said Haley. "And, the reason why I say that is because the IRS, which we were compliant with, does not believe you have to encrypt Social Security numbers."
The IRS responded early Wednesday, refuting the governor's claim.
In an e-mail, IRS spokeswoman Michelle Eldridge wrote:
taxpayer data is our top priority at the IRS. We have many
different systems with a variety of safeguards -- including
encryption -- to protect taxpayer data. The IRS has in a place a
robust cyber security of technology, people and processes to monitor IRS
systems and networks.
work closely with the states to ensure the protection of federal tax data. We
have a long list of requirements for states to handle and
protect federal tax information. Just as importantly, we expect the states
to follow the standards of the National Institute of Standards and
just received the letter from Gov. Haley, and we will be reviewing it."
Haley's claims about the IRS came within minutes Tuesday of admitting the state and the revenue department didn't do enough to protect taxpayer data.
"We had two vulnerabilities," said Haley. "One was that we had no dual verification to get into the system, the second one was that the encryption of the Social Security data wasn't there."
"We should go above and beyond," Haley continued. "I want to make it very clear -- we didn't do enough and we should go above and beyond to make sure that we do."
The governor says she's meeting with the state's congressmen to have the IRS require encryption in its standards. But the IRS says that's already on the books.