Identities May be Collateral Damage in AntiSec Data Dump

Steve Wildstrom / August 10th, 2011

Guy Fawkes maskA couple thousand people could be at high risk for identity theft as a result of a large dump of documents snatched from law enforcement agency web sites by a group calling itself AntiSec. The Aug. 6 data release, latest in a series by what appears to be a loosely linked collection of–take your pick–activists or vandals, was justified as retaliation for the arrests of a number of members of the Anonymous collective.

 

IdentityFinder, which makes software designed to flag personally identifiable information in email messages and a variety of document formats, scanned the data dump (AntiSec claimed it contained more than 10 gigabytes of data.) The check found over 100,000 unencrypted files containing personal data, Included were:

  • 1,923 unique Social Security numbers
  • 4,661 unique passwords
  • 15,738 unique dates of birth
  • 17,105 unique phone numbers

This information, along with an assortment of other data, could be used to cause considerable grief for individuals named in the files. “This is collateral damage,” says Identity Finder CEO Todd Feinman. “AntiSec didn’t care about the consequences, but they weren’t going after ID theft.”

The incident onces again serves as a warning–as if any further alerts were needed–that sensitive personally identifiable information should never be stored in unencrypted files accessible from the internet.  And as an additional warning to anyone who might feel like poking around in the next set of data to be dumped, Feinman also said that many of the files released by AntiSec contained malware, presumably Because the source files were infected.

 

Steve Wildstrom

Steve Wildstrom is veteran technology reporter, writer, and analyst based in the Washington, D.C. area. He created and wrote BusinessWeek’s Technology & You column for 15 years. Since leaving BusinessWeek in the fall of 2009, he has written his own blog, Wildstrom on Tech and has contributed to corporate blogs, including those of Cisco and AMD and also consults for major technology companies.
Protected by Gerben Law