Slashdot Mirror

← Back to Stories (view on slashdot.org)

Consumer Database Company Hacked Again

Posted by michael on from the don't-worry-be-happy dept.

x-guru writes "CNN is reporting on the indictment of a Florida man on 144 identity theft charges including fraud, money-laundering, and obstruction of justice. Approximately 8.2 GB of data was stolen from Acxiom Corp, a company responsible for the storage of vast amounts of personal, financial and corporate data. It looks to be an inside job as six Acxiom employees have agreed to cooperate with the investigation." Acxiom was hacked last year as well.

2 of 230 comments (clear)

  1. Case in point by Lord+Grey · · Score: 5, Insightful
    Approximately 8.2 GB of data was stolen from Acxiom Corp...
    This is yet another example of why it would be a terrible idea to institute a national ID card. The people backing the card, when faced with the concept of someone stealing the contents of the database that would support the card, invariably insist that "it couldn't happen -- we'll secure it real well."

    Beyond the fact that a national ID card wouldn't provide any additional security, putting that much private information in one place is just asking for trouble. As this latest debacle shows, and as Schneier points out in the article I referenced.

    From the CNN article:

    "We will aggressively pursue those who steal private information from computer networks and make it clear that there are serious consequences for such crimes," [Assistant Attorney General Christopher Wray] said.
    Oh, good. That will surely stop it from happening.
    --
    // Beyond Here Lie Dragons
  2. Details... by Anonymous Coward · · Score: 5, Informative
    Remember last year when Acxiom had some "minor" security issues? It was slashdotted, here and here. Their nightmare is far from over. Just yesterday a 144-count indictment was slapped to Scott Levine, 45, of Boca Raton, Fla.-based Snipermail.com Inc. Levine was charged with conspiracy, unauthorized access of a protected computer, access device fraud, money laundering and obstruction of justice, according to the indictment. Did I mention he accussed of stealing about 8.2 gigs worth of data at the same time Daniel Baas was stealing gigs of data? Baas has already been conviced.

    THIS WAS NOT AN INSIDE JOB. Two people from different parts of the country were "hacking" Acxiom at the same time, using the same vulnerability. Neither of them even knew each other. Acxiom's security was a flaming turd.

    Search all the Daniel Baas articles and you will find he cracked a password file they had in a public directory on the ftp server. This guy did the same thing. Acxiom should be shutdown for their stupidity.