Gov. Nikki Haley outlined on Tuesday what exactly happened to cause the personal information of at least 4 million South Carolinians to be exposed and stolen by international hackers.
A report from Mandiant, a company that analyzes computer security systems, says the hacker got inside the Department of Revenue's servers with some help from a careless employee on Aug. 13 when that employee clicked a link inside a phishing email.
When that happened, malware loaded onto the user's computer, giving the hacker everything they needed.
Between August and September, the hacker used the worker's credentials and got inside the agency's servers. No one in state government ever knew it happened until they got a call from the feds two months later.
"The main question I asked Mandiant yesterday was did we have a chance to do a better job? And we did," said Haley.
Haley announced Tuesday she accepted Revenue Director Jim Etter's resignation.
Haley appointed Etter in January 2011. When he was first appointed, Haley says she asked him about the state's security systems. She says Etter told him the state was in compliance.
The problem, Haley said, was a mixture of DOR's 30-year-old technology and the fact the agency did nothing to encrypt taxpayer's Social Security numbers.
Haley said this hack could have happened long before it did.
"Let's keep in mind, you've got old equipment and you've got compliance that's old, you put those together and it would have happened," said Haley.
During her many her news conferences, the governor said she wasn't looking to fire anyone over the hack. Now, Etter has agreed to resign amid the worst cyber attack of a government agency in the state's history.
Etter will stay on through the end of December before turning the tax agency over to Bill Blume. Blume currently heads the state's employee retirement and insurance programs.
We still don't know where the hacker is, or how close the feds are to tracking this person down.