Huge Identity-Theft Ring Exposed by Lone Security Researcher

Source: Tom's Guide US

The pranksters who exposed the credit reports and Social Security numbers of dozens of prominent Americans used a hidden identity-theft service that tapped directly into some of the biggest data aggregators in the country, a new report states.

Independent security researcher Brian Krebs revealed on his Krebs on Security blog yesterday (Sept. 25) that the service, known as SSNDOB (Social Security Number Date of Birth), used malware to obtain secret access to the databases of LexisNexis, Dun & Bradstreet and Kroll Background America.

LexisNexis holds legal, print media and public-records information dating back decades; Dun & Bradstreet aggregates business and credit data on companies; Kroll gives corporations background data about prospective hires, including employment and health histories and drug-test results.

Krebs' analysis shows that over two years, SSNDOB had about 1,300 clients who bought personally identifiable information on at least 4 million U.S. residents.

One group of clients spilled the beans this past March and April by "doxing" Michelle Obama, Mitt Romney, Beyoncé, Jay Z, Paris Hilton, Kanye West, Bill Gates and two dozen other celebrities and public officials. The exposed credit reports seemed to have been obtained from credit agencies by persons using SSNDOB data to pose as the individuals concerned.

A couple of months after the "doxing" incidents, Krebs said, hackers attacked SSNDOB's website, got into its servers and stole its records. Krebs ended up with a copy of the database records.

The service's main website at ssndob.ms has been taken offline, but similar services can be found at ssndob.cc and ssndob.biz.

Krebs said the data provided by SSNDOB cost between 50 cents and $2.50 per individual record for standard Social Security numbers and dates of birth, and between $5 and $15 for background and credit checks.

Armed with that sort of data, an identity thief could build up a trail of false documentation that would let him or her open a bank account, get a driver's license, apply for a loan or even buy a car using someone else's name.

The malware used to infect the data-aggregators' servers was so good that it remained undetectable by almost every brand of anti-virus software — until a couple of weeks ago.

An FBI spokeswoman told Krebs the bureau was "aware of and investigating this case."

Krebs promises more results from his investigation in the coming days.

Follow Paul Wagenseil at @snd_wagenseil. Follow Tom's Guide at @tomsguide, on Facebook and on Google+.

  • 2
    MaxTesla, September 26, 2013 11:58 AM
    Good work from Brian Krebs :)
  • 2
    brucek2, September 26, 2013 12:22 PM
    I didn't know about the Kroll service having health records. How is this legal? I thought there were confidentiality laws that should both prevent Kroll's service from getting the data in the first place, and then being able to resell it in the second place.
  • 2
    dextermat, September 26, 2013 12:35 PM
    Yeah, if you think the laws are there to protect your identity......
  • -1
    SuckRaven, September 26, 2013 1:17 PM
    Keep putting teh moar data in teh clouds !!! =)