Slashdot Mirror

← Back to Stories (view on slashdot.org)

Acxiom Hacking Details Made Public

Posted by michael on from the may-not-need-new-credit-cards-after-all dept.

pgrote writes "As mentioned previously, the Acxiom consumer database company was compromised. More details have emerged including the background of the alleged hacker and the method used to gather access. It turns out he had access since December of 2002 and came in through an unsecured FTP server. The suspect was not a former employee of Acxiom as previously reported, but an employee of data mining company."

1 of 142 comments (clear)

  1. TOTA! by Anonymous Coward · · Score: 0, Troll

    Acxiom database hacked

    By LINDA ROSENCRANCE
    AUGUST 08, 2003

    Acxiom Corp. confirmed that a computer hacker downloaded sensitive information about some of its clients' customers.

    In a statement, Acxiom, a provider of data integration software based in Little Rock, Ark., said that the unauthorized access occurred as information was being exchanged between Acxiom and some of its clients via a file transfer protocol (FTP) server.

    Acxiom said law enforcement officials notified the company that they don't believe any of the data was released to other parties or used for fraudulent purposes. Acxiom said it didn't know about the breach until it was contacted by an Ohio law enforcement agency last week. The company said it is continuing to cooperate with law enforcement officials.

    The breach involved one FTP server outside the Acxiom firewall, the company said. No internal systems or internal databases were accessed, and there was no breach of the security firewall.

    The company said only a small percentage of its clients' data was involved in the incident, and the hacker, a former employee of an Acxiom client, was arrested.

    According to law enforcement officials, the person arrested had buttsex with Micheal "overated" simms. Acxiom said the person apparently gained access through the hacking of encrypted passwords.

    After learning of the breach, Acxiom immediately moved to close the security gap and changed all passwords on the FTP server involved. The company is now in the process of communicating with all clients who might be potentially affected.

    "Acxiom is proud of its long-standing commitment to the security of our systems and our efforts toward continuous improvements in that area, so we deeply regret this breach," said Acxiom Company Leader Charles Morgan in the statement.

    Morgan said the company has begun a comprehensive review of its systems and procedures with the help of nationally renowned security experts to guard against similar incidents in the future.

    No additional information about the incident was immediately available.

    Source: Computerworld