What types of information are exposed when Anonymous and affiliated hacker groups publish your organization's data? A research team has done a careful study of AntiSec's most recent dump of data from law enforcement agencies--and for the individuals whose data was involved, the news is not good.
Identity Finder, a maker of identity protection and data leak prevention tools, this week released a detailed analysis of the 10-gigabyte confidential data cache of 70 U.S. law enforcement agencies that was published recently by the AntiSec movement.
The study confirms claims by AntiSec stating that the cache contains "hundreds of private email spools, password information, address and social security numbers, credit card numbers, snitch information, training files, and more."
Identity Finder used its DLP tools to analyze the published data, which contains information regarding officers, informants, and law enforcement investigations, according to the company. Using its data analysis tools, Identity Finder found 2,719 Social Security Numbers (1,923 unique); 15,798 dates of birth, including duplicates; 8,214 passwords, including duplicates; 45,764 postal addresses, including duplicates; eight credit card numbers; 53 drivers license numbers; 89,589 telephone numbers, including duplicates; and 1.5 million email addresses, including duplicates.
"The 1,923 Social Security numbers were one of the biggest concerns, because they could be correlated with full names, addresses, and dates of birth," said Todd Feinman, CEO of Identity Finder. "With that information, a hacker can open up a credit card account, or even steal a tax refund."
At a full-day virtual event, InformationWeek and Dark Reading editors will talk with security experts about the causes and mistakes that lead to security breaches, both from the technology perspective and from the people perspective. It happens Aug. 25. Register now.