enthalpy

Saturday, February 04, 2006


Just when some people thought their personal information has been compromised, the rest of the world finds out they're in the same amount of risk. Keep in mind this happened over three years ago.
From October, 2000 until last June, Baas worked as the system administrator at the Market Intelligence Group, a Cincinnati data mining company that was performing work for Acxiom. As part of his job, he had legitimate access to an Acxiom FTP server. At some point, while poking around on that server, he found an unprotected file containing encrypted passwords.

Some of those passwords proved vulnerable to a run-of-the-mill password cracking program, and one of them, "packers," gave Baas access to all of the accounts used by Acxiom customers -- credit card companies, banks, phone companies, and other enterprises -- to access or manage consumer data stored by Acxiom . He began copying the databases in bulk, and burning them onto CDs.

In all, Baas downloaded "millions" of consumer records, says prosecutor Robert Behlen. "He didn't execute any fraud with them," says Behlen. "He apparently liked to collect information." Baas' attorney didn't return a phone call.
He may have "liked" to collect information, but Acxiom, and dozens of companies like them make Billions of dollars off of selling your information to marketing firms and for the last five years, the Department of Justice. So what? We'll see how complacent the American Sheeple are when this information is stolen, corrupted, or used for other deleterious motives. Will it be too late when a few exabytes on a hard drive in Arkansas house someone's entire life history, keystroke for keystroke?



Home