funsec mailing list archives
Acxiom pitched feds on large-scale Web-surveillance project in 2001
From: "Fergie" <fergdawg () netzero net>
Date: Tue, 7 Feb 2006 18:29:01 GMT
Via ComputerWorld. [snip] In November 2001, Acxiom Corp. proposed to the U.S. Department of Justice that it conduct an Internetwide surveillance of Web sites touching on topics such as abortion, racial superiority, politics, religion, immigration, and foreign affairs, using technology designed to extract business contact information from dot-com sites. Information about the proposed surveillance was included in documents released Thursday by the Electronic Privacy Information Center. The documents stated that information thus obtained could be used for both terrorism-related data analysis and an "Identity Verification System to be used by airlines, rental car agencies, and other business and government agencies." [snip] My favorite part of this article, however, comes later in the text: [snip] The data brokerage has been in the news several times over the past few years for security and privacy breaches. In 2003, it was revealed that Acxiom had given data on millions of passengers of JetBlue and other airlines to an Alabama firm preparing an antiterrorism study for the Department of Defense. While JetBlue apologized to passengers for violating its own customer-information policies, Acxiom drew fire from privacy advocates for not notifying those affected that private information -- including passenger names, addresses, gender, home-ownership status, income, number of children, Social Security number, occupation and vehicle information -- had been turned over to Torch Systems for use in development of its "Homeland Security: Airline Passenger Risk Assessment" study. In 2004, six Floridians associated with defunct e-mail marketing firm Snipermail.com were charged with hacking Acxiom's FTP servers and stealing 8.2GB of information on 1.6 billion consumers. That data included names, e-mail and mailing addresses, and phone numbers, as well as banking and credit card data, including account numbers. A Snipermail executive, Scott Levine, was eventually convicted of 120 counts of unauthorized access to data in that case; a presentencing report released last month indicates that he could serve between 19-and-a-half and 24 years for those crimes. On its Web site, Acxiom claims to work with nine of the top 10 credit card issuers, eight of the top nine automotive manufacturers, five of the top six magazine publishing companies, nine of the top 10 retail banks, seven of the top 10 retailers, eight of the top 10 telecommunications companies, and five of the top six media entertainment companies. [snip] How comforting. :-/ http://www.computerworld.com/printthis/2006/0,4814,108348,00.html - ferg -- "Fergie", a.k.a. Paul Ferguson Engineering Architecture for the Internet fergdawg () netzero net or fergdawg () sbcglobal net ferg's tech blog: http://fergdawg.blogspot.com/ _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Current thread:
- Acxiom pitched feds on large-scale Web-surveillance project in 2001 Fergie (Feb 07)