It appears that a subsidiary of Experian–one of the nations Big Three credit reporting bureaus–has suffered a massive data hack, exposing some 200 million social security numbers and other personal information to potential theft. Reuters broke the story recently, pointing out that the blame may lie on just one man, a Vietnamese national now in US custody. So how does one of the biggest credit reporting bureaus suffer this kind of massive data breach? Well, let’s take a look.
Worried you may be one of the victims? Take a look at how to tell if you are a victim of identity theft.
The Vietnamese national responsible for the breach, Hieu Minh Ngo, recently pleaded guilty in federal court to operating a website wherein his customers could search through the databases of Court Ventures, a court records database where Ngo’s “customers” could find social security numbers and other personal info of Americans–as the database was shared with another ID company called U.S. Info Search. According to the Reuters report, Experian purchased Court Ventures back in March of 2012, just after Ngo had set up an account with C.V., accessed by pretending to be a Private Investigator from Singapore. And so Ngo was in.
Once inside the massive database of Court Ventures, Ngo set up his own underground business by essentially opening up his “legal” account with Court Ventures to his underground customer base, allowing people to search through the over 200 million accounts on the database. Investigators said over the course of the 18-month scam, some 3.1 million queries were made by Ngo’s customers.
It’s not yet known the extend of the damage or how many people’s accounts and identities might have been compromised. While Ngo was charged in a New Hampshire court, other states such as Connecticut and Illinois, and possibly New York and Massachusetts, are getting involved in the prosecution as well.
What’s scariest for many people, outside of the fact that someone was able to gain access into one of the biggest and most precious data storehouses in America, is the fact that they victims–and potential victims–have not been identified. Meaning, there are millions of Americans out there whose identities might have been compromised and they have no idea. All the more reasons to stay prepared.