Slashdot Mirror

← Back to Stories (view on slashdot.org)

Consumers Data Stolen from LexisNexis

Posted by samzenpus on from the todays-info-stolen-from dept.

LE UI Guy writes "Reuters is currently running a story regarding LexisNexis being tapped into by identity thieves who accessed up to 32,000 customer profiles. Information hit included names, addresses, Social Security and driver's license numbers. This comes on the heels of rival ChoicePoint being breached for 145,000 profiles last month in a similar case. Better check yourself." Update: 03/10 02:40 GMT by J : ChoicePoint's name corrected (and, it may be more than 145,000, they don't know).

19 of 298 comments (clear)

  1. How long before ANYONE'S info hasn't been stolen? by loggia · · Score: 4, Interesting

    With phishing, spyware, database theft... people picking thru your trash...

    How long before ANYONE'S identity has not been stolen?

    Seriously.

    Why not just put a fraud alert on everyone's credit reports and let's get it over with. You want to apply for credit? You'll have to jump through a few more hoops...

    The system as it is now is painfully broken.

  2. How long it will take .. by Anonymous Coward · · Score: 4, Interesting

    How long it will take someone to build a complete (may be 90%)databese of all americans thet will include SSN, DL#, Home address & Phone # etc. If this is the rate of privacy the thefts.

    How much it will be worth it and to whome it will worth it.

  3. Washington Post article by CRepetski · · Score: 4, Interesting
    The Washington Post has another article about this:
    http://www.washingtonpost.com/wp-dyn/articles/A199 82-2005Mar9.html

    Most organizations have some sort of regulatory body. Does the data harvesting industry have this?

    Perhaps this should turn some heads in Congress now that we've got multiple cases of this insecurity. The question is, is Congress going to be able to do anything about it or will it be the same situation as with government computer security: Right now they just say "your security is bad" but that doesn't always fix the problem.

  4. Re:Information Wants to Be Free :P by laughingcoyote · · Score: 5, Interesting

    No...remember, copyright is only for the benefit of corporations too. You don't have the right to prevent the distribution of data that pertains to you, that right only extends to the latest pop song, that they've already chosen to release publicly, and then expect to tell said public what they may or may not do with it.

    But that brings up an interesting point...isn't someone currently getting sued by Apple for collecting data on them without their authorization and distributing it? Are only corporations allowed to protect sensitive data, and punish those who distribute it without authorization? If "trade secrets" exist, surely "personal secrets" do too?

    --
    To fight the war on terror, stop being afraid.
  5. Social Security numbers? by mithras+the+prophet · · Score: 2, Interesting

    Did anybody else think -- what the hell is LexisNexis doing with peoples' Social Security numbers? But it turns out that this is a subsidiary that gathers up consumer data. So it's not that you have to key in your SSN before doing a Lexis search these days.

    Though I'm sure Ashcroft^H^H^H^H^H Gonzales would like that idea...

    --
    four nine eighteen twenty-7 thirty-nine forty-7 fiftyeight sixty-nine seventy-9 eighty-8 one-hundred-and-nine one-twenty
  6. The solution: Opt In by sulli · · Score: 4, Interesting
    Of course the bastards will do everything in their power to prevent it, but the answer is federal regulations requiring the explicit permission of the affected parties before any data on any individual is sold to anyone.

    I don't want a bunch of strangers reading my dossiers (and I have had exactly this - I was affected by the ChoicePoint scam). If I had to approve every offering or sale of my data, I would have easily been able to block said scam.

    --

    sulli
    RTFJ.
  7. Re:Easy solution to this problem by jxyama · · Score: 2, Interesting
    why? i understand your sentiment, but it will do nothing in practical terms.

    microsoft employees use windows. need i say more?

  8. Ephemeral data by 1davo · · Score: 3, Interesting
    Perhaps we need to keep our identity data offline.

    Our data should only live for the time it takes to make an online transaction; and not a femto-second longer.

    I want a "Mission Impossible" ID that self-destructs!

    How hard would this be to imple%$^? pfffttt __end_smoke_fx;

  9. Legal comeback? by danbond_98 · · Score: 2, Interesting

    What kind of comeback do people have if their data is misused as a result of this? I know in the UK the Data Protection Act would cover this kind of thing, but are there powers in the US to prosecute LexusNexus should their failure to protect your data cause you loss?

  10. the facts by Anonymous Coward · · Score: 1, Interesting

    Choice Point SOLD information to people that turned out to be ID thieves, Is this the same story with L/N ?

    The story only says ID thieves got a hold of data, it doesn't say how. (The use of ID Thieves naturaly leads you to asume they stole the data, BUT!)

  11. Re:Information Wants to Be Free :P by Doc+Ruby · · Score: 4, Interesting

    We might be entering a time when the only chance of protecting one's rights is to incorporate, and assign all assets (IP and real) to it. Incorporation might become the modern blessing once expected of christening.

    --

    --
    make install -not war

  12. Re:Information Wants to Be Free :P by gregmac · · Score: 2, Interesting

    These corporations are destroying the value of our essential property: our identities. They demand we give our personal info, without enforcing our copyrights to prevent its being disseminated

    There's an idea (not sure if this is what you were implying): copyright your personal data. When you have to give info to someone, make them agree to a licence to use your info. "You are hereby granted a limited, non-exclusive right to this information. You may use this information internally within your company for the use of identifing and billing my account. you may not distribute this information to other parties or use it for any other purpose than stated above without my express written consent."

    Then if they abuse it, you can sue them for copyright infringement.

    Would this work?

    --
    Speak before you think
  13. I want to avoid being like those schlubs by Who+drank+my+chocola · · Score: 2, Interesting

    Recent events have forced me to examine and then re-examine my security arrangements. I'm the new admin for a small publishing concern and I'm playing catch up right now. Before I got hired, a lot of admin work was left undone. So I want to do a good job, and all this talk of data theft has me spooked...

    I've inherited a mess. A total mess. Employees with default passwords (that never expire,) vendors from years long gone by with active accounts, some used recently... (Yeah, I've already disabled them.) The list just goes on.

    My point is, when you read a story like this you feel bad for how screwed the admin(s) will be (especially if they have family) for a moment.

    And then you get to work and double-check that you're not next in line for a public de-pantsing.

    --
    Tough day? How about a free Mac mini?
  14. Social Security numbers? by dbIII · · Score: 4, Interesting
    They should not be storing this information, it should only be for government use. Realisticly the implications are the same as the theives getting your credit card number, expiry date and PIN.

    In this Homeland paranoia age where everything that is in the database must be right, you certainly don't want to see government ID numbers getting used in fraud. How do you go about getting a new Social Security number when the existing one is being used in fraud?

  15. Re:Information Wants to Be Free :P by 2nd+Post! · · Score: 2, Interesting

    I don't think only corporations have the right.

    If you're information was leaked, I don't see why you couldn't sue Lexis/Choice/BofA.

    The problem is whether you are suing for:
    1) Damages
    2) Liability
    3) Criminal behavior

    Damages? That depends on how much got stolen from you
    Liability? I have no clue
    Criminal behavior? I suppose that falls under 'negligence' but I don't know how they award damages for this.

    --

    GPL Deconstructed
  16. Re:Information Wants to Be Free :P by Doc+Ruby · · Score: 2, Interesting

    How is one's corporate assets any less safe than one's personal assets in court? In fact, it's quite the other way around. And where is this "one corporation per human" rule? When taking risks, of course the assets will be shuffled to some more-protected corporation, giving the risk-taking corporation's limited liability more teeth. Just like any other corporation.

    --

    --
    make install -not war

  17. Re:Information Wants to Be Free :P by gstoddart · · Score: 3, Interesting
    How is one's corporate assets any less safe than one's personal assets in court?

    Corporations may be bought and sold.

    Tommy Hilfiger no longer owns his name, it's a corporation.

    When, as the grandparent suggested, you get a corporation as your birthright, it sounds awfully eerie to me. *shrug* Maybe the foil hat is too snug.
    --
    Lost at C:>. Found at C.
  18. Re:Information Wants to Be Free :P by Doc+Ruby · · Score: 2, Interesting

    One's personal assets may be bought and sold, too. They're just harder to devalue for tax purposes (among other tricks) than are corporate assets. And personal assets are more easily frozen than are corporate assets. I'd prefer a future in which humans have rights, and corporations have inferior rights. But that's very clearly the opposite of the actual trend. Coping might mean dignifying a disgusting values priority, but it's certainly feasible.

    --

    --
    make install -not war

  19. Re:the law is... by Anonymous Coward · · Score: 1, Interesting

    My checks have the statement "Personal information is not for resale." on them and I sincerely hope I soon get a letter from either one of these companies, as I'm going to sue the crap out of them and everyone in between that bartered my personal data.