Three major US data providers have confirmed that they were breached after attacks were linked to groups who sell stolen social security numbers and other sensitive information.
The details of the breaches were announced by security blogger Brian Krebs this week. The companies involved – Dun & Bradstreet Corp, Altegrity Inc’s Kroll Background America Inc and Reed Elsevier’s LexisNexis Inc – were all compromised by a group that sold stolen data.
An FBI spokeswoman said the bureau was investigating the breaches but declined to elaborate.
Krebs said that the LexisNexis compromise appeared to have begun in April of this year, but the company said it was still in the process of investigating whether other systems on its network may have been compromised by the intrusion.
Krebs said: “The prevailing wisdom suggests that the attackers were going after these firms for the massive amounts of consumer and business data that they hold. While those data stores are certainly substantial, fraud experts say the really valuable stuff is in the data that these firms hold about consumer and business habits and practices.”
Five hacked servers were identified by examining the web interface used to control the botnet. Two of them were inside LexisNexis, two at D&B, and one at Kroll Background America.
LexisNexis confirmed that the compromises appear to have begun in April of this year, but said it found “no evidence that customer or consumer data were reached or retrieved,” via the hacked systems.
Dun & Bradstreet said the information provided about the botnet’s interaction with the company’s internal systems had been “very helpful” and that it was aggressively investigating the matter, was taking it very seriously and was in touch with the appropriate authorities.
Altegrity declined to confirm or deny the apparent compromises.



