Slashdot Mirror

← Back to Stories (view on slashdot.org)

Consumer Database Company Hacked

Posted by michael on from the new-SSNs-for-everyone dept.

fermion writes "The NYT(FRR) and others are reporting that a hacker has broken into a Acxiom server. Acxiom evidently is "one of the world's largest consumer database companies" and serves most top credit card companies and retail banks. There are a few items that stand out in this case. First, Acxiom had no idea that the breach occurred until the company was contacted by the police. Second, the theft was an inside job. The suspect, now in police custody, was an employee with legitimate access to the information. It amazes me that a such a company would have such lax security as to allow an insider to browse supposedly private data at will. Third, the company is taking no responsibility for the break in other than reporting it to the clients, who then may or may not inform their customers." Acxiom is a Certified Participant in the BBBOnline Privacy Program.

10 of 286 comments (clear)

  1. corporate speak by Anonymous Coward · · Score: 5, Funny
    ``The data on the servers was a wide variety of information, some of which was personal, some of which was not,'' Jennifer Barrett, the company's chief privacy officer

    Translation: The names of the directories weren't personal data...The files in the directories? well they had the SSN/DOB/Address etc. So, technically, some of the data was personal and some wasn't.

  2. Re:What OS? by duffbeer703 · · Score: 2, Funny

    I setup AS/400 web solutions for my clients. They are ultimately secure because no hacker would know what to do if he broke into the system.

    --
    Conformity is the jailer of freedom and enemy of growth. -JFK
  3. Security Test by Anonymous Coward · · Score: 0, Funny

    When hackers say they want to hack into a system to "expose the security flaws" of the system, I want to kick them square in the groin to "expose the security flaws" of their pants.

  4. Re:You're amazed by this? by Anonymous Coward · · Score: 0, Funny

    all your privacy are belong to us

  5. You're just too sensitive by wytcld · · Score: 2, Funny

    "I can say this about the data, much of it was nonsensitive information."

    I can say this about this gun I'm pointing at you, much of it is innert material.

    --
    "with their freedom lost all virtue lose" - Milton
  6. Well, duh. by russotto · · Score: 1, Funny
    It amazes me that a such a company would have such lax security as to allow an insider to browse supposedly private data at will.

    Uh, yeah, at the risk of -1 redundant, of course an insider will be able to browse private data at will. _Someone_ has to be able to get to the data, unless you're postulating SkyNet.

    I suppose this could have been a hack, if this person became employed at the company in order to get the data -- that comes under social engineering hacks (and industrial espionage). But "disgruntled or avaracious insider abuses position of trust" is hardly news.

  7. Some more details of the theft by teamhasnoi · · Score: 2, Funny
    According to another insider with access to the data, the man responsible for stealing this info had to scale a 3 foot wall, distract a cocker spaniel with ADD, open a squeaky door, and play Whack-a-Mole until he got the high score to get access to where the data was stored.

    He then had to play tic-tac-toe against a chicken, and decide if 'Eliza' passed the Turing test to actually acces the data.

    Once it was fully printed on tractor feed paper, he then had to bribe a small child with Pokemon cards, and juggle three rolls of tape and sing 'You Are the Wind Beneath My Wings' in front of Ryan Seacrest in order to abscond with the wheelbarrel full of printouts.

    I think we can all agree that security was not at issue here, it certainly had to be an inside job.

  8. Re:Contradictory by *weasel · · Score: 2, Funny

    bomb proof?
    colocation? offsite backups? fully redundant systems?

    operation mayhem will have to make note to be thorough.

    --
    // "Can't clowns and pirates just -try- to get along?"
  9. Look on the bright side! by mraymer · · Score: 2, Funny
    Well, at least everyone's money that this guy is going to be spending might help inject some more life into the economy... right? ...heh.

    --

    "To confine our attention to terrestrial matters would be to limit the human spirit." -Stephen Hawking

  10. I, Trollbot by filmsmith · · Score: 2, Funny

    1. A Trollbot may not be modded insigtful or, through inaction, allow another Trollbot to come to Insightful status

    2. A Trollbot must obey orders given it by geeks except where such orders would conflict with the First Law

    3. A Trollbot must protect its own existence as long as such protection does not conflict with the First or Second law.

    Just a lazy, Karma-burnin' friday...