Hackers rather than an inside job are being blamed for an attack on an Illinois state agency's server that left thousands of property market workers potentially exposed to identity theft.

Attacks on the systems of the Illinois Department of Financial and Professional Regulation, carried out in January but not discovered until last month, are reckoned to have exposed the details of 300,000 real estate agents and mortgage brokers. The Social Security numbers and other sensitive data on around a quarter of the 1.2m people registered by the agency might have been exposed. State Police and the FBI are investigating, the Chicago Sun Times reports.

The targeted server was being used to test new software, Information Week adds.

Agency spokeswoman Susan Hofer said that those potentially affected by the attack have been notified. She added that investigators are working on the theory that unidentified hackers carried out the raid.

The Illinois Department of Financial and Professional Regulation is trying to damp down fears arising from the attack. Hofer said hacked systems didn't contain credit card information. Although the hacked server did contain Social Security numbers and business tax ID numbers, attackers would have difficulty matching this data with the names and addresses of potential marks, data that wasn't directly cross-referenced. Data on the server only referred to real estate professionals and was mostly old, Hofer told the Chicago Sun Times. ®

4 comments posted — Comment period finished