In October, the South Carolina Department of Revenue discovered that it had been breached and contacted Mandiant to assist in the investigation and response. All told, millions of Social Security numbers and hundreds of thousands of bank/credit card numbers had been stolen.
In November, Mandiant published their findings. This is exciting. All we usually get is a news article lacking in technical detail. This we can actually learn from.
My goal in this blog post is to explore what, in hindsight, the S.C. Department of Revenue could or should have done better. Please read the Mandiant report before you move on.