Saturday, August 13, 2005

Privacy Conviction - Acxiom Data Theft

Levine Convicted in Acxiom Privacy Hack. This Reuters story was found in the Saturday Los Angeles Times Business section in a two paragraph recap! Further searching done online turned up the source of the story as Reuters and Google news served up this longer version at

When a story involves what the Assistant U.S. Attorney General Christopher Wray calls, "the largest intrusion of personal data ever," then it belongs on the front page. To be fair, this conviction came Friday from a Florida court and may not have made it's way to Los Angeles until too late to make the front page (the Times may be on a dialup connection, who knows?)

It is still shocking to see privacy matters treated as so unimportant. Hopefully there will be larger coverage on the weekend and if not major by Monday, I'll put a large bet that says Acxiom is paying to keep the story low profile. That will succeed for only a short period due to the power of the web and the privacy advocates such as EPIC and EFF.

Levine was indicted in July of 2004 and conviction just came over a full year later, suggesting that Levine used his organized crime connections and high-powered defense attorneys to drag it on this long. He was acquitted of money laundering and conspiracy, but his bulk email (read "Spam") company used a weakness in Acxiom's security to download files including street addresses, email addresses, credit card and checking account numbers and other privacy invading personal and financial data to pump up the value of his spamming business.

Levine and his ilk are not the issue at all in this case. What should be focused on here is that a low grade slimeball spammer was able to hack a major data aggregation and information broker that holds data on vast mumbers of consumers. Since he did that evil deed earlier than 2004 and since we have seen multiple major data thefts from dozens of sources just this year, you can bet more are coming and will lead to major legislation and a lockdown on the data brokering industry. They don't protect that data and it is open to organized crime, hacking, social engineering and insider theft as seen in the many high-profile cases so far in 2005.

I suspect that the data brokering business just got vastly less profitable due to increases in the cost of doing business due to rises in security costs, insurance costs and a squeeze on the vetting of the legitimacy of their customers. Private detectives have lost the ability to gather much information already and much is being done to reduce the amount of data available to police and federal investigators through these commercial sources.

The exposure of data theft as a major privacy concern all began due to California laws requiring notice to consumers affected by data theft or loss, New York Governor Pataki just signed a similar data breach notification law and it is fast becoming a national requirement. Thank goodness for that.

Stay tuned for further developments and hang on tight to your personal, private information. If Acxiom, Lexis/Nexis, Choicepoint, CardSystems, or any of dozens of other data brokers holds your data, you haven't a chance of it remaining private since they all sell data to organized crime and are so very cavalier about protecting that data which has made them monstrously profitable corporate entities.

Save To    Digg! Digg This!
posted by RealitySEO at 1:47 PM


Post a Comment

<< Home