Data breaches – are you targeting the right risks?
Jinfo Blog
5th May 2009
Item
As many as 40,000 customers of LexisNexis and of due diligence specialist Investigative Professionals may have had their personal information compromised in a data breach linked to a credit card scam. According to CBS News, which broke the story (http://digbig.com/4yrhh), the unauthorised access to LexisNexis accounts took place in 2007, but the company says that the United States Postal Inspection Service (USPIS) has only allowed it to notify customers now so as not to compromise the investigation. In a letter sent to potential victims and reproduced in the CBS report, LexisNexis said that those responsible for perpetrating the suspected fraud were at one time customers of theirs and of Choicepoint, which was subsequently acquired by LexisNexisâs parent Reed Elsevier and absorbed into the LexisNexis Risk & Information Analytics Group (http://digbig.com/4yrhj). Now LexisNexis is offering potentially affected customers a yearâs free credit monitoring from Experian subsidiary ConsumerInfo.com, to enable them to identify any possible fraudulent use of their information. Beyond that, LexisNexisâs advice to its customers is pretty commonsense stuff: review your credit reports carefully for enquiries that you didnât initiate or transactions you didnât authorise, and look out in particular for errors in your name and address information â which could be warning signs of identity theft, but could equally be the result of simple mistakes. In the circumstances, the surprise is not that this has happened, but that it doesnât happen more often. According to the latest Microsoft Security Intelligence Report (http://digbig.com/4yrhk), spam and phishing attacks make up a staggering 97% of the email that is sent. However, while avoiding any danger of complacency, the response needs to be proportionate to the risk. Of the 40,000 people in the USPIS investigation whose information was accessed, CBS reports that only around 300 were actually compromised â and Microsoft also quotes figures from the Open Security Foundationâs Data Loss Database (http://digbig.com/4yrhm) which suggests that, in general, security breaches from hacking or malware account for less than 20% of the total of data lost. By contrast, of all the incidents reported, stolen and lost equipment such as laptops account for half.About this article
- Blog post title: Data breaches – are you targeting the right risks?
- Link to this page
- View printable version
What's new at Jinfo?
Vendor adoption of AI
Community session
23rd May 2024
Mainstream GenAI, emerging vendors and your offshore resourcing strategy
Blog posting
9th May 2024
May 2024 Update
YouTube video
9th May 2024
- Jinfo Community session (TBC) (Community) 16th July 2024
- Jinfo Community session (TBC) (Community) 18th June 2024
- Vendor adoption of AI (Community) 23rd May 2024
Learn more about the Jinfo Subscription