SSNDOB (hacker helmd identity theft service) compromised several servers at major US data brokers. The hacked into some major data aggregators at LexisNexis and Dun & Bradstreet, just to name a couple.
More than 4 million Americans could have their identities compromised as the customers of SSNDOB paid to look up their Social Security numbers, birthdays, driving records, and used that information to obtain background reports.
SSNDOB got its information from a small botnet that it operates. That botnet appears to have access to compromised servers at some of the largest data brokers in the United States. Some of these data brokers include LexisNexis, Dun & Bradstreet, and Kroll Background America. Another real danger is that none of the 46 top anti-malware tools detected the malicious software.
LexisNexis currently maintains one of the world’s largest legal and public record databases. Kroll/Hireright uses their services for running employment background, drug, and health screening services. Dun & Bradstreet are a credit/purchase data holder.
“All three victim companies said they are working with federal authorities and third-party forensics firms in the early stages of determining how far the breaches extend, and whether indeed any sensitive information was accessed and exfiltrated from their networks,” Krebs said. – expose.su
After examination of SSNDOB’s records Krebs stated that they have sold mor than 1.02 million social security numbers and close to 3.1 million records regarding date of birth.
The hacker group/organization sells records for anywhere from 50 cents to $2.50 per record and $5 to $15 for background check records. There is evidence that some of the users that pay for this service are in fact identity theft services. The FBI investigation is on-going.