Hackers commandeered a database owned by information industry giant Lexis Nexis (search), gaining access to the personal files of as many as 32,000 people, company officials said Wednesday.
Federal and company investigators were looking into the breach at Seisint (search), which was recently acquired by Lexis Nexis and includes millions of personal files for use by such customers as police and legal professionals.
Information accessed included names, addresses, Social Security and driver's license numbers, but not credit history, medical records or financial information, corporate parent Reed Elsevier Group PLC (search) said in a statement.
"We sincerely regret the circumstances that were recently announced," Kurt Sanford, president and chief executive officer of Lexis Nexis corporate and federal markets, said in a statement.
It is the second such infiltration at a large database provider in recent months. Rival ChoicePoint Inc. (search) said last month that the personal information of 145,000 Americans may have been compromised by thieves posing as small business customers.
Lexis Nexis will be notifying affected customers in the coming days, Sanford said. It will provide them with ongoing credit monitoring "and other support to ensure that any identity theft that may result from these incidents is quickly detected and addressed," he said.
The company is also enhancing ID and password administrative procedures and requirements, he said.
Seisint provides data for Matrix, a crime and terrorism database project funded by the U.S. government that has raised civil rights concerns.
In the ChoicePoint scam, at least 750 people were defrauded, authorities say. The incident fueled consumer advocates' calls for federal oversight of the loosely regulated data-brokering business, and legislative hearings are expected.
"The U.S. law enforcement agencies have asked us not to say too much as they are in the process of trying to track down the people who are responsible," said Catherine May, a Reed Elsevier spokeswoman in London.
The spokeswoman said the breach was discovered during internal checking procedures of customers' accounts. Reed said it would contact all 32,000 people affected to offer them support in detecting identity theft, including credit monitoring.