U.S. attorneys general launched a multistate investigation into a data breach at a subsidiary of Experian that gave criminals access to consumers' bank account, Social Security and drivers' license numbers.
Representatives for Illinois Attorney General Lisa Madigan and Connecticut Attorney General George Jepsen confirmed the investigation, Reuters reported Thursday.
An Experian spokesman declined comment on the probe, saying the company's policy is to not comment on such investigations.
It is the first action taken against the data broker and credit bureau since Vietnamese national Hieu Minh Ngo, pleaded guilty in New Hampshire federal court to running an underground website that offered clients access to personal data of Americans. Ngo had access to database of records on some 200 million Americans, according to court filings, though Experian said, in a blog post last month, he likely accessed much fewer.
Federal officials say he obtained Social Security numbers through a U.S. firm known as Court Ventures, which provides customers with access to court records. It also offered them access to a database of Social Security numbers through a data-share arrangement with another firm, known as U.S. Info Search.
Officials with both Experian and U.S. Info Search say they have not been able to ascertain which records were accessed by Ngo's customers and are therefore unable to notify victims.
News of the breach surfaced as the Obama administration seeks to strengthen the government's ability to compel businesses to adequately secure consumer data. FTC Chairwoman Edith Ramirez on Wednesday asked the Senate Homeland Security committee to pass national breach notification legislation.