[prev in list] [next in list] [prev in thread] [next in thread]
List: isn
Subject: [ISN] Data Broker Giants Hacked by ID Theft Service
From: InfoSec News <alerts () infosecnews ! org>
Date: 2013-09-25 6:32:26
Message-ID: alpine.DEB.2.02.1309250632150.24273 () infosecnews ! org
[Download RAW message or body]
http://krebsonsecurity.com/2013/09/data-broker-giants-hacked-by-id-theft-service/
By Brian Krebs
Krebs on Security
September 25, 2013
An identity theft service that sells Social Security numbers, birth
records, credit and background reports on millions of Americans has
infiltrated computers at some of America's largest consumer and business
data aggregators, according to a seven-month investigation by
KrebsOnSecurity.
The Web site ssndob[dot]ms (hereafter referred to simply as SSNDOB) has
for the past two years marketed itself on underground cybercrime forums as
a reliable and affordable service that customers can use to look up SSNs,
birthdays and other personal data on any U.S. resident. Prices range from
50 cents to $2.50 per record, and from $5 to $15 for credit and background
checks. Customers pay for their subscriptions using largely unregulated
and anonymous virtual currencies, such as Bitcoin and WebMoney.
Until very recently, the source of the data sold by SSNDOB has remained a
mystery. That mystery began to unravel in March 2013, when teenage hackers
allegedly associated with the hacktivist group UGNazi showed just how
deeply the service's access went. The young hackers used SSNDOB to collect
data for exposed.su, a Web site that listed the SSNs, birthdays, phone
numbers, current and previous addresses for dozens of top celebrities —
such as performers Beyonce, Kayne West and Jay Z — as well as prominent
public figures, including First Lady Michelle Obama, CIA Director John
Brennan, and then-FBI Director Robert Mueller.
Earlier this summer, SSNDOB was compromised by multiple attackers, its own
database plundered. A copy of the SSNDOB database was exhaustively
reviewed by KrebsOnSecurity.com. The database shows that the site's 1,300
customers have spent hundreds of thousands of dollars looking up SSNs,
birthdays, drivers license records, and obtaining unauthorized credit and
background reports on more than four million Americans.
[...]
--
Find the best InfoSec talent without breaking your
recruiting budget! Post a Job, $99 for 31 days.
Hot InfoSec Jobs - http://www.hotinfosecjobs.com/
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic