Custom Search

July 16, 2009

Lexis Nexis reportedly waits more than a year before notifying victims of data breach

Why did Lexis Nexis wait over a year before notifying victims of data breach?! Time is very much of the essence when trying to prevent identity theft. If the reported delay is true, Lexis Nexis should be held accountable.

"Two data breaches involving a subsidiary of LexisNexis have exposed the personal information of more than 13,000 consumers, leaving them vulnerable to identity theft and fraud.

The New Hampshire Attorney General's office posted notification of the breaches on its website last Friday, according to IDG News Service. Under New Hampshire law, data breaches that affect residents of the state must be reported to the AG.

The AG's office has since removed the letters. LexisNexis spokesman Nick Ludlum said Wednesday that 13,329 letters were sent out to affected consumers June 19, according to the Associated Press. The letters say personal information including name, address, driver's license and Social Security number may have been accessed through a former customer of Seisint, a subsidiary of LexisNexis.

Lee Klein, a Florida man with alleged connections to organized crime, is accused of the breach, according to the AP.In May, LexisNexis warned about 32,000 people that their information was stolen as part of a credit card fraud by former business customers of LexisNexis and its subsidiary ChoicePoint.

Computerworld.com reported at the time that LexisNexis waited for more than a year to begin notifying the identity theft victims at the request of the U.S. Postal Inspection Service."

No comments:

Post a Comment