According to an investigation by security researcher Brian Krebs shows a group of identity thieves has successfully broken the security of three major data brokers, which is giving access to Social Security numbers, birth records, credit and background reports of Americans.
Website named ssndob.ms, or just SSNDOB is behind the attack , by using botnets they gained access to the three major Data Broker’s systems:
- LexisNexis—one of the largest data brokers in the world
- Dun & Bradstreet—data broker that specializes in business data for determining credit worthiness
- Kroll Background America—background, drug, and health screening company.
Now, the breach has been confirmed by two of the above data brokers (LexisNexis and Dun & Bradsheet) but if we talk about the Kroll—they neither confirmed nor declined about the breach, and reiterated its commitment to “protecting the data and privacy of our customers.” The FBI confirmed with Krebs that it is investigating the attack.
SSNDOB has for the past two years marketed itself on underground cybercrime forums as a reliable and affordable service that customers can use to look up SSNs, birthdays and other personal data on any U.S. resident. Prices range from 50 cents to $2.50 per record, and from $5 to $15 for credit and background checks. Customers pay for their subscriptions using largely unregulated and anonymous virtual currencies, such as Bitcoin and WebMoney, Krebs wrote on his blog.
Krebs also found that a hacktivist group called UGNazi used SSNDOB to collect data of various top celebrities — such as performers Beyonce, Kanye West and Jay Z — as well as prominent public figures, including First Lady Michelle Obama, CIA Director John Brennan, and then-FBI Director Robert Mueller and posted on exposed.su.
One more thing found to be very effective when Krebs reviewed a copy of SSNDOB database—he found that the site’s 1,300 customers have spent hundreds of thousands of dollars looking up SSNs, birthdays, drivers license records, and obtaining unauthorized credit and background reports on more than four million Americans.
Now, you can assume how your personal information is easy to purchase in the market at cheap rates, it can also be used to take out fraudulent loans in your name because financial institutions often ask specific personal questions about a person’s financial history, such as the precise amount of a recent mortgage payment and the info provided by SSNDOB contain all these things.
The article was later updated to tell SSNDOB appears to be down.
VIA– KrebsonSecurity | Digital Trends
