LexisNexis Database Compromised, 32,000 Profiles At Risk

KingFish

Information publisher Reed Elsevier said scammers had abused one of its LexisNexis databases, accessing information that should have been available only to its legitimate customers.

In a statement, Reed Elsevier said third parties misappropriated the IDs and passwords of paying customers of its Siesent subsidiary.

The system broke down when crooks were able to use the passwords of legitimate customers to access LexisNexis' records. It discovered the problem during a review of the verification, authorization and security procedures and policies for its businesses.

"Information on approximately 32,000 individuals may have been fraudulently accessed in these incidents," the statement read. The information included names addresses, Social Security numbers and drivers' license numbers, but not credit history, medical records or financial information. The company refused comment beyond prepared statements.

LexisNexis, a subsidiary of Reed Elsevier, acquired Siesent in September 2004 for $775 million, along with its products, Securint and Accurint. Securint provides background screening services for employers, landlords and volunteer organizations. Accurint can be used to locate individuals for things, such as debt recovery and legal investigations.

Source: Internet News

Camman

When the hell is this database compromising going to stop, somebody needs to start imposing serious penalities. Alot of companies store data on people who don't even use their services or are just big data warehouses for others to get their data from, I certainly wouldn't appreciate it if a company who had data I didn't even give them be compromised for people to steal my identity because their systems security sucked.

This is one case where governments need to step in and warn of some serious fines for unsecured data that could be compromised and risk the financial lives of millions of people.