First they came for Equifax and we did nothing because America. Now they are coming for back-end systems and we're...

Imag-I-Nation Technologies (no, not that one) fesses up to database security breach

26 Reg comments Got Tips?

A company that develops and supports software for handling consumer reports and background checks says it was hacked by a miscreant who made off with thousands of people's information.

Imag-I-Nation Technologies (not to be confused with the graphics chip designer of the same name) said that in November of last year, someone was able to access a database containing records it stores for its consumer reports service. The software developer-slash-service provider is now in the process of letting victims know.

Based out of North Carolina, Imagination is a subsidiary of FRS, a software developer specializing in consumer information reports, background checks, and human resources products.

The consumer report database in question was accessed some time around November 1 and the intrusion was discovered and locked down on November 14.

In the meantime, the mystery hacker would have had access to sensitive information, including the full name, date of birth, home address, and social security numbers of those in the database.

"Upon discovering this incident, we immediately conducted an investigation to determine how this incident occurred and who was impacted. We have retained a forensic IT firm to conduct an analysis and remediation of our system," victims are being told.

'Security measures'

"We have also reviewed our internal data management and protocols and have implemented enhanced security measures to help prevent this type of incident from recurring. We are also notifying the three major credit bureaus, Experian, Equifax and TransUnion, to advise them that your personal information may have been improperly accessed and that they should take appropriate action."

While the exact number of people exposed in this security breach is unknown (Imagination did not return a request for comment), the number is well into the thousands, if state reports are anything to go by. In Washington alone, the company says it will have to notify some 3,695 citizens their details were among the information lifted by the attacker. A similar notification was filed in Vermont.

So far, Imag-I-Nation said it was not aware of anyone selling or misusing the pilfered information. Still, it would be a good idea for anyone who does receive a notification letter to keep a close eye on their bank accounts and consider signing up for a credit monitoring service or placing a credit freeze.

The incident is similar to (but far less severe than) 2017's mega-hack that occurred with credit reporting giant Equifax. In that incident, millions of Americans and Brits had the personal information used for credit checks lost to hackers. ®


Biting the hand that feeds IT © 1998–2020