310,000 Have Info Stolen from LexisNexis

“NEW YORK (CNN) - LexisNexis, which compiles and sells personal and financial data on U.S. consumers, said Tuesday that personal information on 310,000 people nationwide may have been stolen.”

So the number has grown from 32,000 to 310,000.

The identity thief’s most effective tactic has long been social engineering. The classic example of this involves the calling of individuals posing as tech support in order to ask for a password. A disturbingly large percentage of individuals are quite willing to offer up such info to perfect strangers.

However, the theft of personal info from LexisNexis is much more disturbing.

This is an outfit that is allegedly well-prepared to defend its cache of user information. They have to be, if they want their reputation to remain intact. And in their business, reputation is everything.

But indications are that the breached information was obtained simply via stolen passwords.

It’s one thing for the guy at work who enters packages received into the company system to give up his password. It’s another indeed for someone with access to hundreds of thousands of users’ personal data to be somehow bilked out of his credentials.

Is this what happened? LexisNexis isn’t giving much in the way of details.

It’s a sad fact that phishing has become boringly familiar to online account holders. Who hasn’t received “urgent” messages from PayPal or eBay demanding that users log in to confirm their ID’s and passwords? The thieving scum are getting more and more sophisticated in their techniques to lure the gullible into providing the coveted info. One of the latest tactics is sending users to a website with a javascript-produced “official” URL appearing in Internet Explorer’s address bar. After all, grandmas in Peoria have learned to make sure the website they are visiting has a “real” address, like paypal.com, instead of a bogus one like paypal.ripoff.cn.

So watch your backside. Stay tuned for future columns on the tactics of phishers and pharmers and what you can do to outwit them.