Hacked database affects 32,000
By Jim Hopkins
USA Today
In the second case of its kind in the past month, a company said yesterday that thieves had stolen Social Security numbers and other data on up to 32,000 U.S. consumers.
LexisNexis, a data broker, said it discovered the breach in the past 10 days in a review of procedures at Seisint, a Florida firm it bought last year that already was the subject of controversy.
LexisNexis said it referred the case to federal law enforcement officials. The FBI said it is investigating.
The company will notify the 32,000 consumers whose identities may have been stolen. And it will help them monitor credit reports and other accounts for signs of mischief, such as unauthorized purchases.
The disclosure follows that of rival ChoicePoint, which last month said thieves may have gotten access to at least 145,000 Social Security numbers and other consumer data. Also, DSW shoe stores said Tuesday that a hacker stole credit card and other data of customers at 103 of its 175 stores in the past three months.
The news prompted consumer watchdogs and lawmakers to call anew for legislation to stop data break-ins. "We'd better get our arms around identity theft or else no American is going to have privacy," said Sen. Bill Nelson, D-Fla. Nelson yesterday introduced a bill that would give the Federal Trade Commission regulatory power over information brokers such as LexisNexis and ChoicePoint.
LexisNexis said the data tapped by thieves included names, addresses and some driver's license records and Social Security numbers. It did not include credit histories, medical records or financial information. Seisint of Boca Raton, Fla., collects public data on virtually every U.S. adult, selling it to companies and to law enforcement agencies.
LexisNexis was checking the company's security and other procedures when it noticed irregularities in a "handful" of customer accounts. Further inquiry uncovered evidence thieves had accessed — and possibly copied — data on up to 32,000 consumers.
LexisNexis said it is beefing up password and other procedures for Seisint customers to prevent future thefts.
Seisint created the controversial Matrix tool giving law enforcement officials the ability to analyze records about Americans for suspected terrorists.
Experts on data crime say the number of Seisint records tapped is small when computer hackers often steal hundreds of thousands at a time.
But the case's greater impact will be to put more pressure on Congress to pass bills that experts say are often opposed by the data industry.
Besides Nelson's bill, Sen. Dianne Feinstein, D-Calif., reintroduced in January a version of a California law that requires companies to disclose data theft.
