About a month after revealing that personal information of 32,000 consumers had been accessed through misappropriation of legitimate customer identifications and passwords from its Seisint database, LexisNexis said yesterday that an internal review showed another 280,000 consumers to be at risk.
The initial breach was announced March 9 and led the firm to conduct a detailed analysis of data searches across all its business units, LexisNexis said. The investigation yielded 59 instances of fraudulent access to data including names, addresses, Social Security numbers and driver's license numbers.
LexisNexis said it will begin notifying the 280,000 consumers and offer them free credit reports and monitoring for one year as it did for the previous 32,000. It also will provide fraud counseling or specialized assistance on a case-by-case basis to individuals victimized by identity thieves due to the breach.
Very few of the consumers notified in March accepted the offer of free credit reports and monitoring, LexisNexis said, and none reported instances of identity theft to the firm.
The LexisNexis announcement followed a pattern similar to rival data provider ChoicePoint, which initially notified 35,000 California consumers that their information may have been accessed in late January as required by state law. On Feb. 16, it said another 110,000 letters would be sent nationwide involving the fraud.
In the case of ChoicePoint, the data were accessed through accounts set up by data thieves using stolen identities as opposed to stolen IDs and passwords of legitimate customers as was the situation with LexisNexis.
Both firms have tightened credentialing procedures and access to certain data as a result of the breaches. Each company has had representatives testify at committee hearings in the Senate and House of Representatives that may lead to data-related legislation.
Seisint, which provides background check data to businesses, government and law enforcement, was acquired by LexisNexis, a division of Reed Elsevier Group, in September for $775 million. Reed Elsevier Group is owned by Reed Elsevier PLC and Reed Elsevier NV. Reed Elsevier's main offices are in New York, London and Amsterdam. Seisint is based in Boca Raton, FL.
Kristen Bremner covers list news, insert media, privacy and fundraising for DM News and DMNews.com. To keep up with the latest developments in these areas, subscribe to our daily and weekly e-mail newsletters by visiting www.dmnews.com/newsletters