LexisNexis warns of breach after alleged mafia bust

Information broker LexisNexis has warned more than 13,000 consumers, saying that a Florida man who is facing charges in an alleged mafia racketeering conspiracy may have accessed some of the same sensitive consumer databases that were once used to track terrorists.

Lee Klein, 39, of Boynton Beach, Florida, was charged by the U.S. Department of Justice in May following an undercover sting operation that netted 11 suspects from an alleged South Florida crew of the Bonanno crime family.

On Friday, the office of the New Hampshire Attorney General posted a letter that LexisNexis sent out to consumers last month, warning that Klein may have used his access to LexisNexis' Seisint databases "in order to perpetrate certain crimes."

LexisNexis has had problems with credit card fraudsters using its database in the past, but Klein's alleged crimes are different.

In court filings, the DOJ says Klein would provide Bonanno family members with names, addresses and account numbers as part of a fake check-cashing operation. But he's also accused of using computer databases to get information on potential extortion or assault targets as well as "individuals suspected by the Enterprise members of being involved with law enforcement."

In a statement, LexisNexis said Monday that "the former Seisint customer involved in this matter should have provided notice to potentially affected individuals. However, because the customer is no longer in business we provided the notice." The company said it sent out 13,329 notification letters.

Seisint is best known as the creator of the ill-fated MATRIX (Multi-State Anti-Terrorism Information Exchange) terrorist data-mining project, which was shut down in 2005 following privacy concerns. LexisNexis, a division of Reed Elsevier, acquired Seisint in 2004 for US$775 million. It sells two Seisint products: Accurint, which provides information on individuals and their assets, and Securint, a background screening tool.

LexisNexis has had problems preventing criminals from using its databases for identity theft. Last May, the company warned that ID thieves had accessed around 32,000 records using its services. In March 2008, LexisNexis settled charges brought by the U.S. Federal Trade Commission, which said the company wasn't doing enough to prevent its data from being abused.

In the letter posted to the New Hampshire Attorney General's Web site, Lexis Nexis also warned that another man used its databases in an unrelated incident. On May 8, Yomi Jagunna, 44, pleaded guilty to fraud charges, saying he set up a fake debt collection company called the Elam Collection Agency. Using his account, Jagunna obtained and then sold Social Security numbers, charging $30 for each one.

Jagunna, who faces a sentence of up to 15 years on a conspiracy charge, was allegedly part of an eight-man identity theft ring.

The IDG News Service is a Network World affiliate.