Slashdot Mirror


Consumer Database Company Hacked Again

x-guru writes "CNN is reporting on the indictment of a Florida man on 144 identity theft charges including fraud, money-laundering, and obstruction of justice. Approximately 8.2 GB of data was stolen from Acxiom Corp, a company responsible for the storage of vast amounts of personal, financial and corporate data. It looks to be an inside job as six Acxiom employees have agreed to cooperate with the investigation." Acxiom was hacked last year as well.

6 of 230 comments (clear)

  1. disclosure by Anonymous Coward · · Score: 4, Insightful

    of course i can't be bothered to RTFA, but when will we have laws making it a mandatory requirement for companies like this to fully disclose events like this to the public. after all, it is our information they're "losing"

  2. Comment removed by account_deleted · · Score: 3, Insightful

    Comment removed based on user account deletion

  3. The only way to keep private data private... by MartinG · · Score: 3, Insightful

    ... is to not store it all in one place.

    Centralised databases of sensitive data are evil.

    --
    -- MartinG To mail me: echo kewyjlcxyzvjfxbqwh | tr bcefhjklqvwxyz .@adgimnoprstu
  4. It's also extremely well-worth noting... by The+Ultimate+Fartkno · · Score: 3, Insightful

    ...that the man (scum-sucking dirtbag duck-raper, actually) indicted, Scott Levine, is the owner of Snipermail - a spamhouse located in (get ready for a shock!) Florida. Is anyone surprised that a spammer (connected to Eddie Marin, btw) has moved on to massive identity theft? Don't you just wonder what he was planning on using all that data for?

    How about a quick game of Hangman, kids. "Here's hoping he gets time in a federal _____-__-__-___-___ prison!" (Commence flames from more enlightened readers in 3... 2... 1...)

  5. Case in point by Lord+Grey · · Score: 5, Insightful
    Approximately 8.2 GB of data was stolen from Acxiom Corp...
    This is yet another example of why it would be a terrible idea to institute a national ID card. The people backing the card, when faced with the concept of someone stealing the contents of the database that would support the card, invariably insist that "it couldn't happen -- we'll secure it real well."

    Beyond the fact that a national ID card wouldn't provide any additional security, putting that much private information in one place is just asking for trouble. As this latest debacle shows, and as Schneier points out in the article I referenced.

    From the CNN article:

    "We will aggressively pursue those who steal private information from computer networks and make it clear that there are serious consequences for such crimes," [Assistant Attorney General Christopher Wray] said.
    Oh, good. That will surely stop it from happening.
    --
    // Beyond Here Lie Dragons
  6. Re:"Vast amounts" by laigle · · Score: 3, Insightful

    First off, 8.2 gigs is a LOT of simple data. We're talking about databases here, not mp3s. A few kbytes can give you everything you need to steal someone's identity and more. We're talking about hundreds of thousands or even a few million entries.

    Second, what can you really do with 50 million social security/credit card/name/address matches that you can't do with 1 million? It's not likely this data was stolen just for spam, much larger databases are readily available for that purpose. Even the largest, most nefarious criminal organization would be set for years with a million verified identities to misuse. Even if you could only net a few hundred dollars from each identity theft, that's a LOT of money. And at a certain point the scale of the data overrides your ability to exploit it anyways.