Data Thieves Strike LexisNexis

First it was ChoicePoint – this time LexisNexis is reporting theft of personal data. The E-Law Library Web Log has summarized the story:

The New York Times reports that LexisNexis announced that thieves obtained the personal information – including social security numbers – of about 30,000 people from the Accurint database (part of Seisint) that the company purchased last year. Hackers apparently obtained access to the information through the login names and passwords of legitimate users. The legitimate customers notified LexisNexis in early February when they noticed bills for the database use. After an investigation, LexisNexis notified law enforcement. The company plans to send letters to the 30,000 individuals whose information was compromised. The article states that the company plans to offer free credit monitoring to all of the affected customers.
According to the LexisNexis press release, the information accessed “includes names, addresses, social security and drivers’ license numbers, but not credit history, medical records or financial information.” The company’s steps to enhance security

  • Enhancing ID and password administration procedures and requirements for
  • Dedicating additional resources to consumer privacy
  • Working with customers to stress the importance of consumers’ privacy
  • Working with law enforcement to protect against criminal