14 DAY TRIAL // In September, Brian Krebs revealed that cybercriminals were using data stolen from a number of data broker giants in order to fuel an identity theft service. The expert warned that Dun & Bradstreet was one of the impacted companies.
On Monday, the firm – which licenses information on businesses and corporations for use in credit decisions, business-to-business marketing and supply chain management – started sending out notification letters to customers.
“Based on our investigation of the incident to date, we believe the attack primarily occurred during a fifteen (15) day period in March and April 2013 and potentially resulted in unauthorized access to our environment, including one of our commercial information databases,” the letters read.
“The potentially exposed information is generally available from public sources. In some circumstances this information may have included certain personal information provided in a business context. This letter has not been delayed by a law enforcement investigation.”
Dun & Bradstreet says that it is working with law enforcement on investigating the case. Impacted individuals are warned that the compromised information included their business identification numbers that may have been represented by their social security numbers.
The company is offering affected customers free AllClear ID protection services for 12 months. Recipients of the letter, submitted to the California Office of the Attorney General, are also informed that Equifax, Experian and TransUnion have been alerted regarding the incident.
In addition to Dun & Bradstreet, several other data broker giants have been breached by the cybercriminal group. The list includes LexisNexis, HireRight/Kroll, and the National White Collar Crime Center.
The same cybercriminals are believed to be behind the Adobe hack as a result of which the details of millions of users and source code have been compromised.