What a Tangled Web of ID Theft…Maybe

Through a long investigative thread, a questionable service selling personal data may be revealed as the center of an extensive web of data theft.

ID Theft Service Steals Data?

For more than two years, SSNDOB [ssndob(dot)ms] offered services, mostly through underground cybercrime forums, selling personal data on US residents. The source of the data sold by SSNDOB remained unknown until its systems were compromised by multiple attackers.

Sources Unknown

A copy of the SSNDOB database was extensively reviewed, but it still did not list the sources of the stolen information.

Botnet

Further analysis indicated that SSNDOB networks were also responsible for operating a notorious botnet. This group of remotely controlled hacked computers were in direct communication with internal systems at several large US data brokers.

Data Brokers Victimized

Response from the affected data brokers indicates that public facing web servers were certainly compromised. Additional analysis suggests that intruders also had access to internal networks.

Investigation Continues

All the affected data brokers are working with Federal authorities, assessing the damages, and using third-party forensics firms to determine how far the security breaches extend. Whether or not any sensitive information was accessed has yet to be determined.

 

Reference:
http://krebsonsecurity.com/2013/09/data-broker-giants-hacked-by-id-theft-service/