LexisNexis Breach Worse Than Thought

LexisNexis said on Tuesday that a security breach which resulted in personal information of thousands of its customers potentially being compromised could be ten times worse than originally thought. An investigation has discovered that 310,000 U.S. citizens may have had their addresses and Social Security numbers accessed.

As reported last month, the break-in occurred at LexisNexis-owned Seisint, a company that specializes in creating databases from information it gets from the U.S. government. At the time it was believed only 32,000 customers were affected by the hack.

However, an investigation led by LexisNexis parent Reed Elsevier determined the issue was more widespread. Seisint databases were accessed 59 times using stolen passwords, and found possible fraudulent accesses in other LexisNexis databases as well.

In a statement, Reed Elsevier said it would contact the additional 278,000 individuals and offer free credit monitoring. Only two percent of the original 32,000 customers accepted the offer.

The recent revelation becomes yet another embarrassing incident for the data broker industry. In February, ChoicePoint revealed that 145,000 of its customers had their personal information stolen, which resulted in 750 reports of identity theft in California alone.

At this point, Reed Elsevier says no reports of identity theft stemming from the break-in have surfaced, although it will take pre-emptive measures to protect its customers.