In August 2012, the South Carolina Department of Health and Human Services disclosed that a former agency employee, Christopher Lykes Jr., had accessed the state’s Medicaid eligibility database after resigning and used his still-active credentials to extract data on approximately 228,435 Medicaid beneficiaries. The stolen data included beneficiary names, Social Security numbers, addresses, Medicaid ID numbers, dates of birth, and claims information. Lykes allegedly posted some of the data online. He was arrested in July 2012 and ultimately convicted of federal and state computer crimes. South Carolina DHHS disclosed the breach to affected beneficiaries and offered one year of free credit monitoring. The breach highlighted several security failures: failure to promptly revoke access credentials when employees depart (a common and persistent problem across industries), insufficient monitoring of privileged database access, and inadequate data loss prevention controls. The incident is one of the more prominent insider threat cases in the healthcare government sector and is frequently cited in discussions of offboarding security procedures and the risk posed by former employees retaining active credentials after termination.