Cyber Incident Victim: Interactive Data

In June 2020, a cybersecurity researcher discovered a criminal group exploiting compromised accounts at Florida-based data broker Interactive Data LLC (IDIdata.com) to harvest personal and financial records of U.S. consumers. The researcher, who monitored the group's communications for weeks, observed members sharing detailed records via an open email service that allowed public viewing of messages without authentication. The stolen data, bearing markers tracing back to Interactive Data's systems, included sensitive information enabling identity theft. The group, estimated to comprise hundreds of individuals, used this data to impersonate victims while submitting fraudulent applications for COVID-19 economic relief programs. Their activities targeted two primary channels: the U.S. Small Business Administration's small business loan programs and state-administered unemployment insurance systems.

The fraudulent schemes resulted in tens of millions of dollars stolen from federal and state treasuries before detection. KrebsOnSecurity verified the group's communications, which contained numerous records explicitly sourced from Interactive Data's platforms. Interactive Data, which markets access to a "massive data repository" on U.S. consumers to clients including law enforcement, had not publicly disclosed the account compromises at the time of reporting. The researcher proactively shared findings with state and federal authorities to disrupt the operations. The incident highlighted the exploitation of data broker systems to fuel large-scale financial fraud during pandemic relief efforts, though specific details regarding the number of affected individuals or Interactive Data's containment measures were not disclosed in available sources.