Cybersecurity website reports cyberattacks at data brokers D&B, LexisNexis, Altegrity
BOSTON
Three major U.S. data providers said on Wednesday they were victims of cyber attacks, after a cybersecurity news website linked the breaches to a group that sells stolen social security numbers and other sensitive information.
An FBI spokeswoman said the bureau was investigating the breaches but declined to elaborate.
The disclosures, by Dun & Bradstreet Corp, Altegrity Inc's Kroll Background America Inc and Reed Elsevier's LexisNexis Inc, came after website KrebsOnSecurity first reported the breaches.
The site said the attacks were masterminded by a cybercrime ring that sold stolen data such as credit reports through the website ssndob.ms, or SSNDOB.
The ring offered social security numbers, birthdays and other personal data of U.S. residents for between 50 cents and $2.50 per record, KrebsOnSecurity reported. Credit reports and background checks cost between $5 and $15, the cybersecurity site reported after a seven-month investigation into SSNDOB.
KrebsOnSecurity said the group placed malicious software on servers at LexisNexis as early as April 2013, suggesting that the attackers had access to its internal networks for at least five months.
SSNDOB administrators operated a small botnet, or group of infected computers remotely controlled by hackers, that was in direct communication with computers inside several large U.S. data brokers, the KrebsOnSecurity report said.
Five hacked servers were identified by examining the web interface used to control the botnet. Two of them were inside LexisNexis, two at D&B, and one at Kroll Background America.
"There are grave implications here from a privacy perspective," said Alex Holden, a cyber forensics expert who served as a consultant to the publication during the investigation.
Two of the victims declined to comment on the potential theft of data, saying they were investigating the attacks to find out exactly what happened. A third, LexisNexis, said it has so far found no evidence of theft.
"To date (we) have found no evidence that customer or consumer data were reached or retrieved," a LexisNexis representative said in a statement.
D&B spokeswoman Michele Caselnova said her firm was "aggressively investigating" the attack.
"Data security is a company priority and we are devoting all resources necessary to ensure that security," she said.
Kroll Background America spokesman Ray Howell said the company was working with external forensics experts to investigate the source and "impact, if any," of malicious software found on web servers at a Nashville, Tennessee data center.