Columbia, SC (WLTX) -- A state house investigation in hacking took a surprising turn for lawmakers Thursday.
A House committee looking into the Department of Revenue data breach heard from Michael Garon, a former Department of Revenue employee at the meeting.
Before beginning the almost two hour hearing, Committee Chairman Bruce Bannister said the meeting would likely be their last, but by the end some lawmakers were calling for the panel to use whatever authority it had to bring DOR in to answer more questions.
"The timeline doesn't quite match. It seems that the knowledge of the breach came at an earlier time than what we thought, and the actions that were taken don't exactly jive with that timeline. We need to look a little closer at it. We don't wanna allege anything but we want this to be worked out and we want an honest assessment of what happened and who's responsible for it," said Berkeley County Rep. Jim Merrill.
House members came armed with questions for a former DOR worker who was asked to resign before their data breach came to light
"We're moving the ball but the direction that it's going is worrisome," said Merrill.
Garon was DOR's former Chief information officer. According to a job description online he was to administer all of the agency's technology needs, ensuring appropriate security controls were in place to safeguard digital files and vital electronic infrastructure.
He says he was employed at the time of the breach, but had been asked to resign before it was officially detected.
Garon told lawmakers that while there was no formal security policy in place, there were procedures for employees to follow.
"Apparently, and I don't have the details of this case, something happened -- either we did not follow procedures or the procedure was inadequate and if the procedure was inadequate then I take responsibility," said Garon.
He says he was never notified of the hacking but someone should have noticed the data breach, possibly within 48 hours, using a problem log of what went on with the system-- leading lawmakers to question who knew what when.
"It seems that we have in this hypothesis, a situation where somebody could have had knowledge of this -- and then started to plug a leak, I guess, take care of it internally, then it sort of exploded on them," said Merrill. "Until again on October tenth, when the secret service got involved and alerted and it became public knowledge."
Garon also told lawmakers there was a high turnover of employees and that the agency brought on contracted workers until full-time employees could be hired.
He said it was possible a contracted employee could have been assigned to overseeing those problem logs that should have alerted DOR to the hacking.
Now instead of concluding their investigation, lawmakers want to hear more from DOR.
"There are questions that seriously impugned their integrity that is coming out and in some cases even alleged knowledge they had which they did not divulge and it would seem to me that when the house of representatives is meeting to talk about their agency and its functions that they should show up."