Login:
Password:
Lost Password?
Print this article  |  E-mail this article  |  Comment on this article

LexisNexis Breach Worse Than Thought

By Nate Mook, BetaNews

April 12, 2005, 10:44 AM

LexisNexis said on Tuesday that a security breach which resulted in personal information of thousands of its customers potentially being compromised could be ten times worse than originally thought. An investigation has discovered that 310,000 U.S. citizens may have had their addresses and Social Security numbers accessed.

As reported last month, the break-in occurred at LexisNexis-owned Seisint, a company that specializes in creating databases from information it gets from the U.S. government. At the time it was believed only 32,000 customers were affected by the hack.

However, an investigation led by LexisNexis parent Reed Elsevier determined the issue was more widespread. Seisint databases were accessed 59 times using stolen passwords, and found possible fraudulent accesses in other LexisNexis databases as well.

In a statement, Reed Elsevier said it would contact the additional 278,000 individuals and offer free credit monitoring. Only two percent of the original 32,000 customers accepted the offer.

The recent revelation becomes yet another embarrassing incident for the data broker industry. In February, ChoicePoint revealed that 145,000 of its customers had their personal information stolen, which resulted in 750 reports of identity theft in California alone.

At this point, Reed Elsevier says no reports of identity theft stemming from the break-in have surfaced, although it will take pre-emptive measures to protect its customers.

Add a Comment (4 Comments)

BetaNews reserves the right to remove any comment at any time for any reason. Please keep your responses appropriate and on topic. Foul language and personal attacks will not be tolerated.

Name (required):

E-mail (required):

Enter Your Comment:

By spiffyjeff

posted Apr 12, 2005 - 3:49 PM

How was this info compromised?

Score: 0

By hlesesne

posted Apr 12, 2005 - 11:56 AM

I took a look at the TOS for using LexisNexis and posted them to my blog (with some short notes :-))... It made for some pretty entertaining reading.

I posted it over here:

http://hal.lco.net/Perma...-bb6b-d7248763745b.aspx

Score: 0

By mjm01010101

posted Apr 12, 2005 - 1:32 PM

uh, pretty standard agreement. What exactly is so stunning about it? WHat difference does the date make? What does this have to do with cutomers' breach of data? Thousands of companies have copy/pasted agreements just like this.

Score: 0

By hlesesne

posted Apr 12, 2005 - 2:38 PM

No real point to it :-).

Just found it interesting the types of expectations (standard boilerplate or not) LexisNexis has on their customers.

Score: 0

Nov 29 - 1:41 PM ET Teacher must still surrender license in bizarre 'exposure to porn' suit

Nov 26 - 9:19 PM ET Spambots edge back online post-McColo

Nov 26 - 9:17 PM ET Connecting the Black Friday dots: What to expect from CE retail

Nov 26 - 9:09 PM ET Google admits that its iPhone voice search breaks Apple's rules

Nov 26 - 5:15 PM ET Apple uses DMCA as a weapon against an open source iTunes hack

Nov 26 - 5:13 PM ET US DHS eases off its '10+2' import rules

Nov 26 - 5:08 PM ET IBM unveils 'cloud validation' to harden security and lower TCO

Nov 26 - 2:15 PM ET Thanks, EchoStar: TiVo nears its first profitable year

Nov 26 - 1:49 PM ET Google integrates Earth-like controls in new Maps interface

Nov 26 - 11:28 AM ET Mozilla developers readying one more beta cycle for Firefox 3.1