State AGs probe Experian subsidiary's data breach
The breach involved 200 million personal records
IDG News Service - A group of state attorneys general in the U.S. is launching an investigation into a recently disclosed data breach of 200 million personal records at a subsidiary of credit monitoring firm Experian.
Connecticut Attorney General George Jepsen plans to investigate the breach, according to a spokeswoman, and a group of attorneys general, including Lisa Madigan of Illinois, will also investigate, according to a news report. The investigations would focus on a breach at Court Ventures, a data broker Experian purchased in 2012.
A database of consumer records that Court Ventures had access to was breached by Hieu Minh Ngo, a Vietnamese man who ran a business based on selling personally identifiable information, according to news reports and court records. It's unclear when Ngo breached the database Court Ventures had access to.
Ngo apparently tricked Court Ventures into giving him access to a personal records database by posing as a private investigator from Singapore, according to reports from Krebs on Security. Much of the information about the Court Ventures breach came out when he pleaded guilty in March in a New Hampshire court to wire fraud, identification fraud and fraud in connection with access devices.
Ngo was arrested in Guam in February 2013, according to court documents. He had been selling personal information, including credit card numbers and Social Security numbers, since 2007, and had about 1,300 customers at the time of his arrest, according to court information. Ngo allowed his customers to make more than 3 million queries of the database compromised through Court Ventures.
An Experian spokesman didn't return a message seeking comment on the investigations.
Grant Gross covers technology and telecom policy in the U.S. government for The IDG News Service. Follow Grant on Twitter at GrantGross. Grant's email address is firstname.lastname@example.org.
- Comprehensive Advanced Threat Defense The hot topic in the information security industry these days is "Advanced Threat Defense" (ATD). This paper describes a comprehensive, network-based approach to...
- Advanced Threat Defense: A Comprehensive Approach In this interview, Peter George, president, General Dynamics Fidelis Cybersecurity Solutions, explains why we need more than anti-malware, and what constitutes a comprehensive...
- 2013 Cyber Risk Report The "Cyber risk report 2013 Executive summary" presents the major findings of HP Security Research's comprehensive dive into today's cyber vulnerability and threat...
- Cybersecurity for Dummies eBook This book provides an in-depth examination of real-world attacks and APTs, the shortcomings of legacy security solutions, the capabilities of next-generation firewalls, and...
- Live Webcast Security Vulnerabilities Associated With Having Local Administrator Privileges Viewfinity will demonstrate how removing admin rights and granularly managing privileges at the application level reduces the attack surface.
- Security Vulnerabilities Associated With Having Local Administrator Privileges Viewfinity will demonstrate how removing admin rights and granularly managing privileges at the application level reduces the attack surface.
- What should I look for in a Next Generation Firewall? SANS Provides Guidance With so many vendors claiming to have a Next Generation Firewall (NGFW), it can be difficult to tell what makes each one different.... All Cybercrime and Hacking White Papers | Webcasts