LexisNexis Breach Worse Than Believed

Grok Headline matches for LexisNexis Breach Worse Than Believed

LexisNexis Breach Worse Than Thought

LexisNexis Breach Worse Than Thought 04/12/2005 10:20 AM
LexisNexis said on Tuesday that a security breach which resulted in personal information of thousands its customers potentially being compromised could be ten times worse than originally thought. An investigation has discovered that 310,000 U.S. citizens may have had their addresses and Social Security numbers accessed.

LexisNexis Breach May Be Worse Than
Thought (AP)

LexisNexis Breach May Be Worse Than
Thought (AP) 04/12/2005 11:50 AM
AP - Up to 10 times as many people as originally thought may have had their profiles stolen from a LexisNexis database in the United States, publisher and data broker Reed Elsevier Group PLC said Tuesday.

LexisNexis data breach far worse than
reported

LexisNexis data breach far worse than
reported 04/13/2005 04:06 AM
300,000+ affected

LexisNexis May Have Had Earlier Breach
(AP)

LexisNexis May Have Had Earlier Breach
(AP) 04/13/2005 07:46 PM
AP - A LexisNexis executive said Wednesday there may have been an earlier breach of consumers' personal data that was never reported to the public.

LexisNexis Warns 280,000 of Info Breach
(AP)

LexisNexis Warns 280,000 of Info Breach
(AP) 04/18/2005 07:13 PM
AP - LexisNexis said on Monday that it has begun notifying about 280,000 people whose personal information may have been accessed by unauthorized individuals using stolen passwords and IDs.

Other News: Massive LexisNexis Breach

Other News: Massive LexisNexis Breach 04/12/2005 11:37 AM
Sensitive personal data on hundreds of thousands of people has been breached at LexisNexis.

Security Breach at LexisNexis Now
Appears Larger

Security Breach at LexisNexis Now
Appears Larger 04/13/2005 12:06 AM
Social Security numbers and the addresses of 310,000 people may have been stolen from the LexisNexis databases, 10 times more than originally reported.

LexisNexis Says Data Breach May Affect
310,000 People

LexisNexis Says Data Breach May Affect
310,000 People 04/12/2005 04:38 PM
The LexisNexis Group said today that the security breach at its data brokering unit appeared to be about 10 times larger than it originally reported.

Data Breach Much Worse Than Feared

Data Breach Much Worse Than Feared 04/19/2005 09:25 AM
CBS News Apr 19 2005 2:10PM GMT

Women perform worse than men on average
but even worse when playing against men

Women perform worse than men on average
but even worse when playing against men 04/24/2004 06:22 AM
Notes from the paper Performance in Competitive Environments- Gender Differences

marginalrevolution.com/marginalrevolution/2004/04/politi cally_inc.html
track this site | 5 links

Generals Say They Believed Iraq Had WMD
(AP)

Generals Say They Believed Iraq Had WMD
(AP) 02/10/2004 06:53 PM
AP - The generals who head the nation's military services said Tuesday they were convinced before the invasion of Iraq that Saddam Hussein had weapons of mass destruction.

Five Believed Killed in Saudi Attack
(AP)

Five Believed Killed in Saudi Attack
(AP) 05/29/2004 03:30 AM
AP - Gunmen opened fire Saturday in separate attacks on three housing compounds in the eastern Saudi Arabian city of Khobar, Western diplomats said, and at least five people were believed to be killed, including three Westerners.

All 104 Aboard Afghan Jet Believed Dead
(AP)

All 104 Aboard Afghan Jet Believed Dead
(AP) 02/05/2005 10:15 PM
AP - NATO helicopter gunships found the shattered wreckage of a missing Afghan airliner on a frigid mountain east of the capital Saturday, and officials said they believed none of the 104 people aboard could have survived the crash.

Fire Survivor, Believed Dead, Still
Alive (AP)

Fire Survivor, Believed Dead, Still
Alive (AP) 12/29/2003 11:35 PM
AP - A woman believed to have died after a house fire has been discovered alive in a Boston hospital.

Body of Missing Fla. Girl Believed Found
(AP)

Body of Missing Fla. Girl Believed Found
(AP) 04/16/2005 09:12 PM
AP - Authorities said Saturday they were "almost positive" they have found the body of a missing 13-year-old girl after recovering a corpse from a pond that appeared to match her description down to her green arm cast.

Two Believed Dead in Dallas Plane Crash

Two Believed Dead in Dallas Plane Crash 01/01/2004 05:03 PM
Reuters via Wired News Jan 1 2004 3:32PM ET

Customers' Data Believed Stolen From
Polo

Customers' Data Believed Stolen From
Polo 04/15/2005 05:11 AM
Chicagotribune.com - Thu Apr 14, 11:18 pm GMT

FOXNews.com - Top Stories - Saddam
Hussein Believed Captured in Iraq

FOXNews.com - Top Stories - Saddam
Hussein Believed Captured in Iraq 12/14/2003 07:56 AM
Saddam Hussein has been captured in Tikrit .. they’ve caught Saddam .. reporting .. Fox

foxnews.com/story/0,2933,105706,00.html
track this site | 7 links

Kabul Bomb Death Toll Rises, Up to 12
Believed Dead

Kabul Bomb Death Toll Rises, Up to 12
Believed Dead 08/30/2004 03:11 AM
Reuters via Wired News Aug 30 2004 7:43AM GMT

Kabul Bomb Death Toll Rises, Up to 12
Believed Dead (Reuters)

Kabul Bomb Death Toll Rises, Up to 12
Believed Dead (Reuters) 08/30/2004 03:01 AM
Reuters - The toll from Sunday's car bomb blast in Kabul rose Monday with different accounts from Western security forces and Afghan officials suggesting as many as a dozen people may have been killed.

LexisNexis acknowledges more ID theft

LexisNexis acknowledges more ID theft 04/12/2005 08:45 AM
CNN Money Apr 12 2005 1:12PM GMT

LexisNexis: Files May Have Been Breached
(AP)

LexisNexis: Files May Have Been Breached
(AP) 04/12/2005 07:58 PM
AP - Criminals may have breached computer files containing the personal information of 310,000 people, a tenfold increase over a previous estimate of how much data was stolen from information broker LexisNexis, the company's parent said Tuesday.

Massive LexisNexis ID Theft Feared

Massive LexisNexis ID Theft Feared 04/12/2005 09:54 AM
CBS News Apr 12 2005 1:54PM GMT

LexisNexis: 280,000 more possible data
theft victims

LexisNexis: 280,000 more possible data
theft victims 04/12/2005 01:39 PM
An internal investigation at the LexisNexis division of Reed Elsevier has uncovered evidence that as many as 310,000 more people may have had their personal information exposed to unauthorized individuals who compromised the security of a massive database of public and private information, including Social Security and drivers license numbers.

LexisNexis acknowledges more ID theft on
310,000 people

LexisNexis acknowledges more ID theft on
310,000 people 04/13/2005 04:36 AM
LexisNexis, which compiles and sells personal and financial data on U.S. consumers, said Tuesday that personal information on 310,000 people nationwide may have been stolen. That number is nearly 10 times higher than the figure LexisNexis disclosed last month when it first reported that its databases had been breached. LexisNexis said in March that 32,000 people had been potentially affected by the breaches.

Today's disclosure comes just after an investigation by Reed Elsevier determined that its databases had been fraudulently breached 59 times using stolen passwords. The thieves, who obtained information including addresses and Social Security numbers, did not hack into the computer system and although they were able to get ahold of sensitive password information, the company says it is not certain how the passwords were acquired.

View: The Full Story
News source: CNN

Read full story...

LexisNexis Tightens Data Security

LexisNexis Tightens Data Security 03/19/2005 02:32 AM
AP via Newsday Mar 19 2005 4:44AM GMT

Bin Laden Believed Voice on Net Audio; A
Demand To 'Clean Up This Internet
Effluent'; and Other Trash, Brash,

Bin Laden Believed Voice on Net Audio; A
Demand To 'Clean Up This Internet
Effluent'; and Other Trash, Brash, 05/07/2004 08:34 PM
AVN Online May 8 2004 0:27AM GMT

LexisNexis flap draws outcry from
Congress

LexisNexis flap draws outcry from
Congress 04/12/2005 05:27 PM
It took mere hours for LexisNexis' latest embarrassing data leak revelation to spur cries of condemnation from Congress.

LexisNexis Uncovers More Consumer Data
Breaches

LexisNexis Uncovers More Consumer Data
Breaches 04/12/2005 01:17 PM
Personal information on 310,000 U.S. citizens may have been stolen from its computer systems, 10 times more than its initial estimate last month, data broker LexisNexis said.

It's official: ChoicePoint, LexisNexis
rooted many times

It's official: ChoicePoint, LexisNexis
rooted many times 04/14/2005 02:34 AM
Calif disclosure law puts a stop to cover-ups

LexisNexis: Data on 310,000 people
feared stolen

LexisNexis: Data on 310,000 people
feared stolen 04/14/2005 02:08 AM

LexisNexis: More Consumer Data Breaches
(Reuters)

LexisNexis: More Consumer Data Breaches
(Reuters) 04/12/2005 11:10 AM
Reuters - Data broker LexisNexis said on Tuesday that personal information on 310,000 U.S. citizens may have been stolen from its computer systems, 10 times more than its initial estimate last month.

LexisNexis data on 310,000 people feared
stolen

LexisNexis data on 310,000 people feared
stolen 04/12/2005 02:37 PM
Data broker LexisNexis said personal information may have been stolen on 310,000 U.S. citizens, or nearly 10 times the number found in a data breach announced last month.

Paul Krugman: "The mess in Iraq was
created by officials who believed what
they wanted to believe, and ignored
awkward facts. It seems they have
learned nothing."

Paul Krugman: "The mess in Iraq was
created by officials who believed what
they wanted to believe, and ignored
awkward facts. It seems they have
learned nothing." 04/24/2004 07:27 AM
What Went Wrong? .. Link:

nytimes.com/2004/04/23/opinion/23KRUG.html
track this site | 5 links

LexisNexis Revises Potential Data Theft
Figure By Tenfold

LexisNexis Revises Potential Data Theft
Figure By Tenfold 04/13/2005 01:42 AM
Information Week Apr 13 2005 5:58AM GMT

LexisNexis Suddenly Notices Massive Data
Security Breaches Everywhere They Look

LexisNexis Suddenly Notices Massive Data
Security Breaches Everywhere They Look 04/12/2005 06:01 AM
Funny how once the media attention for the various computer security break-ins started receiving attention, the various firms who were caught handing out your private data suddenly noticed that they'd actually been leaking data all along. Choicepoint, which was the first big one to admit a problem, later found a histo ry of leaked data. It appears they're not alone. LexisNexis, whose Seisant subsidiary wasn't particularly careful in how it kept all that data about you that you didn't realize they had (much of it, probably wrong ), decided that maybe it would be a smart move to look over some past transactions to see if this data leakage was a new problem. Turns out that it wasn't. LexisNexis is now admitting that they found not one or two more cases, but fifty-nine cases where their security was breached, opening up access to all sorts of private data (this is one of the databases the government likes to use to build profiles on people). The company is sending out letters to 280,000 people to let them know that they may have to spend the rest of their lives carefully scanning credit reports to make sure the company's own negligence didn't result in identity theft. Meanwhile, everyone's still being told that, basically, there 's nothing they can do against any of these firms that didn't seem to care about your privacy at all.

From Bad To Worse?

From Bad To Worse? 12/30/2003 01:22 AM

It's only going to get worse

It's only going to get worse 04/09/2004 04:08 PM

This analysis of the spread of the witty worm is fascinating for a whole bunch of different reasons.

Firstly, the analysis was made possible by USCD's Network Telescope, a network monitoring system on a massive scale which takes advantage of the fact that IP arranges were handed out like candy back when the 'net was in its infancy. USCD controls a huge chunk of all potential IPv4 addresses, and their network telescope tracks data sent to 1/256th of all IPv4 traffic. Since most worms target random IP addresses this makes the telescope a unique tool in analysing the spread of hostile code in the wild.

Next, Witty Worm was no ordinary worm. It targeted an exploit in ISS firewall products, which include the popular BlackICE product targeted at home users; this means the worm was actively attacking people who had made an effort to secure their machines! It also carried a destructive payload - a rarity for worms in the wild. Additionally, the exploit it used had only been publically announced the day before. It's possible the authors new of the vulnerability in advance, but it's far more likely they had already written the payload and were just waiting for a new vulnerability to use as the carrier.

From reading the report, it seems that the worm managed to infect virtually every one of its potential targets that were connected to the internet. This critical point is what makes the worm so interesting, because it destroys the idea that non-Windows users are made more secure by their relatively lesser numbers. If a worm came out with a similar methodology to Witty Worm but that targeted Linux, OS X or even something with a truly tiny statistical footprint like BeOS it could still achieve almost total infection of its chosen target audience.

The worm also appears to have used a number of techniques that had previously been hypothesized by the security communit, such as spreading from a number of pre-infected hosts.

If a worm can spread this fast, with this little notice, and infect almost all of the vulnerable population, we're in a pretty precarious state.

Related reading: The Peon's Guide to Secure System Development, Slashdot's thread on the Witty Worm analysis (some of the +5 comments are pretty good).

It was worse than you think. Also
better.

It was worse than you think. Also
better. 07/06/2004 06:43 AM
The cd of images from my running of the Marathon des Sables arrived this morning, just as the temperature here hit the low 90s. I'm starting to have flashbacks. I've been training for the my manhauling attempt on the North...
Grok Description matches for LexisNexis Breach Worse Than Believed
GrokA matches for LexisNexis Breach Worse Than Believed

LexisNexis Breach Worse Than Believed

The following phrases have been identified by the grok system as matching this entry: