Columbia, SC (WLTX) - The South Carolina Budget and Control Board says sometime in November, they plan to award a contract that would provide cyber security training for all state employees.
Budget and Control Board Executive Director Marcia Adams says state employees won't be able to access the online training until 2014.
The board met Thursday for it's first meeting since the one year anniversary of an international hacker stealing data from the state Department of Revenue.
"One year later, although I'm really grateful for some of the stuff we've done, there's still a lot of unanswered questions," said State Senator Darrell Jackson, a Democrat from Richland County.
Some said the response to 3.8 million social security numbers and 387,000 credit card numbers being stolen was unprecedented.
"I personally think the best change that has happened within our cabinet and everything else is they don't' start meetings without talking about security first, especially within the department of revenue," Governor Haley said earlier this month.
Even though it's been a year, experts say you will continue to have to think about the security of your identity.
"When an identity thief uses one method and it's discovered by law enforcement, within days, maybe hours, they're using a separate trend," said John Valdario, and investigator with the South Carolina Attorney General's office. "You need to do everything you can to keep yourself safe and that means being stingy with your information."
Not only should you do things like shred private paperwork, but be careful what's posted about you online at sites like Twitter and Facebook.
"People have to pay attention," said law enforcement consultant Carol Frederick.
According to Frederick, if a crook has the right information, stealing an identity isn't hard. "It is easy and it can happen to anyone," she said.
In the past year, the state hired auditing firm Deloitte & Touche to asses IT security in a two part plan.
"We have unfortunately become the template of what can happen," Senator Jackson said. "The good news is we can become the template of how to respond to this."
In part one, the agency will find vulnerabilities in the state's IT infrastructure. Recommendations on how to fix those vulnerabilities were made earlier this year in a published report.
Now, the company is in a second phase and has completed audits at nine of fifteen cabinet agencies.
The state is also working to develop a training curriculum for employees and will begin administering the program in the new year.
"I think there need to be more informative sessions with the policy makers so that we know what's going on," Sen. Jackson said. "Quite honestly, we need to be better educated."
One year later, the Division of State Information Technology is monitoring every cabinet agency computer around the clock.
At the Department of Revenue, they've made it harder to log into a computer by requiring a code that changes every thirty seconds.
It's all because of an international hacker that the public doesn't know much about.
"Our goal is to find that hacker," Governor Haley said earlier this month.
SLED is the agency working to find the hacker and says their investigation is open and ongoing. We've asked for more details and are told they can not be released because of that open investigation.
"I can tell you what I'm being told: that law enforcement is working on it," Jackson said. "That's all I know."
Jackson says he wants to know more about the criminal who tampered with Revenue Department servers in August and September of 2012. State officials didn't learn about the breach until October and then waited almost two weeks to tell the public.
One year later, with many questions still unanswered, Senator Jackson believes lawmakers at the Statehouse will press for more answers in the upcoming legislative session through called hearings.
"I can't sufficiently answer how it happened," Jackson said. "Or answer what is being done to bring this person or these people to justice."