LexisNexis parent company Reed Elsevier said hackers compromised databases belonging to the well-known information retriever, stealing passwords, names, addresses, Social Security numbers, and driver's license numbers of about 32,000 customers of the company's recently acquired Seisint division.
Seisint collects information used by law enforcement and private companies for matters like fraud detection and debt recovery—similar to that done by ChoicePoint, the California company compromised in February by hackers who may have taken information on as many as 145,000 people.
"Information on approximately 32,000 individuals may have been fraudulently accessed in these incidents," said Reed Elsevier in a March 9 statement. "LexisNexis very much regrets this and will be notifying all the individuals concerned and providing them with ongoing credit monitoring and practical support to ensure that any identity theft is quickly detected and addressed. Any further instances that emerge from the ongoing review will likewise be handled as quickly and as sensitively as possible."
The company said the incident became known during a review of security procedures, warning that more data theft incidents might occur.
LexisNexis acquired Seisint, a Boca Raton, Florida-based company, in September 2004, paying $775 million to buy the company. Seisint may be most familiar as the data source behind the so-called Multistate Anti-Terrorism Information Exchange, known as Matrix, bringing together criminal and public records from U.S. states that participate in the exchange program.
Seisint vice president William Shrewsbury said only that the hackers who got the stolen information did it differently than those who broke into ChoicePoint databases. The ChoicePoint hackers disguised themselves as legitimate ChoicePoint customers, with some of the information stolen believed to be used since in an estimated 750-identity theft scams. Shrewsbury offered no further details on how Seisint believed their hack was done.
LexisNexis/Seisint and ChoicePoint aren't the only major companies victimized by such large-enough scale database hacks, leaks, or losses. Bank of America acknowledged last week that it lost digital tapes that included credit card account records of 1.2 million federal employees, including sixty members of the U.S. Senate.
The ChoicePoint hack, moreover, came at a time when the company was under Federal Trade Commission scrutiny over potential insider trading by its chief executive and chief operating officer, among other prospective infractions.
