Three large scale U.S. data providers claimed on Wednesday they were victims of cyber attacks, after a security website related the breaches to a group that sells stolen social security numbers and other sensitive data.
An FBI spokeswoman stated the bureau was looking into the breaches but declined to elaborate.
The site reported the attacks were carried out by a cyber criminal ring that sold stolen information such as credit reports through the website ssndob.ms.
The criminals would provide social security numbers, birthdays and additional data of U.S. residents for between 50 cents and $2.50 per record, the security site, KrebsOnSecurity reported.Credit reports and background checks cost between $5 and $15, the cybersecurity site reported after a seven-month investigation into SSNDOB.
KrebsOnSecurity alleged the group placed malware on servers at LexisNexis as early as April 2013, proposing that the attackers had access to its internal networks for at least five months.
SSNDOB administrators appeared to have been operating a small botnet which was in direct communication with computers inside several large U.S. data brokers, KrebsOnSecurity’s report stated.
Five hacked hosts were discovered by analyzing the web interface used to control the botnet. Two of them were inside LexisNexis, two at D&B, and one at Kroll Background America.
“There are grave implications here from a privacy perspective,” said Alex Holden, a cyber forensics expert who served as a consultant to the publication during the investigation.
“To date (we) have found no evidence that customer or consumer data were reached or retrieved,” a LexisNexis representative said in a statement.
D&B spokeswoman Michele Caselnova claims her firm was “aggressively investigating” the attack.
“Data security is a company priority and we are devoting all resources necessary to ensure that security,” she said.