Dun & Bradstreet, Others Hacked for Personal Data



data collectors hacked

The major objective of many cyber attacks on websites and databases isn’t compromise of your technology at all. It’s the private information you’ve stored on your customers, clients or anyone else with whom you’ve ever done business.

That point was again made recently with news that three giant data collectors –Dun & Bradstreet, Hire Right/Krebs and NexisLexis — had been hacked.

The objective: Social security numbers, birth records and credit and background reports on millions of Americans.

Access to this information was later sold on a website for 50 cents to $2.50 per record or $5 to $15 per credit or background check, reports KrebsOnSecurity. The security news website broke the story after a seven-month investigation drawing coverage from national media and investigation by law enforcement.

Your Customers Could Also Be Targets

Of course, you don’t need to be a giant data aggregator to be targeted by hackers working to steal customer or client information.

For example, smaller firms (250 employees or less) were the targets of 31 percent of all cyber attacks in 2012, up 18 percent over the previous year.

Again, the targets of these attacks were often not the companies themselves but any information obtained from customers, in many cases during an online transaction.

Information Companies Are at Risk

All three targets in the recent cyber attack were in the information business, reports KrebsOnSecurity.

For example, LexisNexis has the world’s largest database of legal and public records. Meanwhile Dun & Bradstreet collects and licenses information on businesses and corporations. And Hire Right/Kroll provides background checks, drug and health screening of employees.

What the companies all have in common is the collection of a huge amount of data.

Do you collect customer data in online transactions? Do you use it to create your email list or add it to your customer relationship management software?

If so, then your business could be a target for cyber criminals seeking private information on the people with whom you do business.

Hacked Photo via Shutterstock

7 Comments ▼

Joshua Sophy Joshua Sophy is the Editor for Small Business Trends and the Head of Content Partnerships. A journalist with 20 years of experience in traditional and online media, he is a member of the Society of Professional Journalists. He founded his own local newspaper, the Pottsville Free Press, covering his hometown.

7 Reactions
  1. I’m not surprise, sadly. It seems none of our information is truly secure.

  2. It seems that this is going to be an increasingly ongoing theme now days. The only thing we can do is become more and more vigilant against these hackers and thieves.

  3. I wonder if these companies are targeted or if it’s just random attacks on server farms? Even our dinky little server gets hit hard sometimes by random snoopers and it’s hard to keep on top of them.
    I also heard that Adobe was hacked today and over 3 million credit cards were compromised. How does a company not encrypt this kind of data?
    I was actually walking the dog one day and found a cell phone that was damaged, someone ran it over or something (this was in the winter). I opened up the phone, pulled out the micro SD card and it actually had over 1000 paypal emails and passwords on it. Data is just so loose now and a person has to really take care of their data. Perhaps change cards every six months or keep a card with a low limit that is your online only card.

    • The problem with cards is that they can get lost, can be broken down and replaced. That’s why most companies store information on the online server. But this will make it more prone to cyberattacks. I guess this is a call to amp up security methods for the sake of customers.