Slashdot Mirror

← Back to Stories (view on slashdot.org)

40 Million Identities Up For Sale On the Web

Posted by kdawson on from the big-fat-target dept.

An anonymous reader writes "Highly sensitive financial information, including credit card details, bank account numbers, telephone numbers, and even PINs are available to the highest bidder. The information being traded on the Web has been intercepted by a British company and collated into a single database for the first time. The Lucid Intelligence database contains the records of 40 million people worldwide, mostly Americans; four million are Britons. Security experts described the database as the largest of its kind in the world. The database is in the hands of Colin Holder, a retired senior Metropolitan police officer who served on the fraud squad. He has collected the information over the past four years. His sources include law enforcement from around the world, such as British police and the FBI, anti-phishing and hacking campaigners, and members of the public. Mr. Holder said he has invested £160,000 in the venture so far. He plans to offset the cost by charging members of the public for access to his database to check whether their data security has been breached."

5 of 245 comments (clear)

  1. Re:Where does a cop get £160,000? by plover · · Score: 3, Informative

    now he is simply a slimy scammer trading in stolen goods. The man is a disgrace.

    Or possibly an MP.

    Same thing.

    --
    John
  2. Re:splitting hairs by FromellaSlob · · Score: 5, Informative

    The UK DPA also requires that he have a legitimate reason to hold this data in the first place, which would be either a direct customer relationship, or a third party one like a credit reference agency (where the customer gives permission for the third party data-sharing as part of their credit applications). It also requires that he hold it for no longer than strictly necessary for the purposes of said business relationship. The law in question thankfully makes this an explicitly opt-in thing, outside of government no-one can legally collect your data without your permission and then require you to opt out.

  3. Privacy laws in the UK by Anonymous+Brave+Guy · · Score: 4, Informative

    I know there are no privacy laws in Britain

    Erm... Yes, there are.

    If this is what it appears to be, it's a fairly obvious breach of the Data Protection Acts. Indeed, from the TFA:

    The Information Commissioner, the data protection watchdog, is monitoring the development of the database. [...] The legality of the database could be put to the test in the coming week. The Information Commissioner's Office said it could not endorse a commercial service or make a ruling on its validity unless someone made a complaint. But the privacy watchdog said it had "provided advice to help the company comply with the principles of the Data Protection Act".

    I rather suspect that this advice may have been "Stop. Now." :-)

    The database might also fall foul of European human rights legislation that explicitly covers privacy.

    --
    If you disagree, post your argument. (-1, Overrated) isn't your personal censorship tool for views you don't like.
  4. Re:If he really wanted to do the right thing... by Minwee · · Score: 4, Informative

    Aren't the police supposed to help protect the public?

    I see that this is your first time visiting England.

    The police are far too busy tracking down dangerous criminals to worry about your petty concerns.

  5. Re:Where does a cop get £160,000? by siloko · · Score: 4, Informative

    This will end very badly for him.

    Yes because here in the UK we always punish our criminally inclined police . . .