A seven-month investigation by KrebsOnSecurity revealed that more than 1,300 customers of SSNDOB, an ID theft service, spent hundreds of thousands of dollars looking up SSNs, birthdates, and driver license records and unauthorized credit and background reports obtained by hacking into LexisNexis, D&B and other major data brokers. The finding is based on a copy of the SSNDOB database that became available after the ID theft service was itself hacked.
According to the SSNDOB’s online dashboard, the hackers had access to LN’s internal networks as far back as April 10, 2013 and D&B’s at least as far back as March 27, 2013. For details, see KrebsOnSecurity’s Data Broker Giants Hacked by ID Theft Service. See also Dan Goodin’s How LexisNexis and others may have unwittingly aided identity thieves (Ars Technica).