A computer hacker who broke into Acxom Corp.’s systems was arrested in Ohio during the July 27 weekend, Acxiom said on Friday.
The alleged culprit was a “known sophisticated hacker” who had worked for an Acxiom client, the company said. Law enforcement officials doubt that any information had been released to any other parties or used for fraud, Acxiom continued.
Acxiom was alerted to the breach by Ohio authorities and the Federal Bureau of Investigation. The breach compromised one external File Transfer Protocol server, which was not behind the Acxiom firewall, Acxiom added.
Acxiom has changed all of the passwords on the FTP server involved, and is contacting the clients whose data were compromised. Only a small percentage of the data in the server was accessed.
Acxiom would not name the client for whom the hacker worked.
“At this point, we feel it is as much as a victim as we are,” said company chief privacy officer Jennifer Barrett. She added that data from roughly 10% of Acxiom’s client base was affected.
The Hamilton County, OH sheriff’s office, which reportedly made the arrest, would not comment on the case, according to a message on the public information officer’s voicemail.
Acxiom is working with the sheriff’s office, the FBI and the Secret Service, according to Barrett.
Acxiom company leader Charles Morgan said in a statement that the company has begun a comprehensive review of our systems and procedures with the help of nationally renowned security experts to guard against similar incidents in the future.
