Three major database sites -- LexisNexis, Altegrity and Dun & Bradstreet Corp. -- all reported cyber attacks Wednesday, claiming they were targeted by a group known for stealing and selling on data including social security numbers. LexisNexis stated, however, that no sensitive information was retrieved by in the breach of its server.
The disclosures, by Dun & Bradstreet Corp, Altegrity Inc's Kroll Background America Inc and Reed Elsevier's LexisNexis Inc, came after website KrebsOnSecurity first reported the breaches.
The site said the attacks were masterminded by a cybercrime ring that sold stolen data such as credit reports through the website ssndob.ms, or SSNDOB.
The ring offered social security numbers, birthdays and other personal data of U.S. residents for between 50 cents and $2.50 per record, KrebsOnSecurity reported. Credit reports and background checks cost between $5 and $15, the cybersecurity site reported after a seven-month investigation into SSNDOB.
... Five hacked servers were identified by examining the web interface used to control the botnet. Two of them were inside LexisNexis, two at D&B, and one at Kroll Background America.