You're probably familiar with the process of authenticating yourself on banking or credit-card websites using security questions. Where did you go to elementary school? Who was your maternal grandmother? Etc. Nothing wrong with that. Unless someone else knows the answers.\n\tIf your personal data was ever collected by some of the largest data aggregators in the country\u00a0 - LexisNexis, Dun & Bradstreet, and Kroll Background America - it might be in the hands of a hacker.\n\tThis unsettling incident hasn\u2019t gotten as much attention as it deserves, but hackers apparently gained access to those companies' databases and may have purloined information to steal the people's identities.\n\tJournalist Brian Krebs broke the story and published a report on his website. Krebs, a former Washington Post reporter, spent months digging into a now-defunct, criminally-run site called ssndob.ms (which stands for social security number and date of birth) that was selling the personal information of millions of Americans.\n\tThe story is complicated, but the key break apparently came when the hacker site got hacked and its database was sent to Krebs, who writes:\n\t\n\t\t"The database shows that the site\u2019s 1,300 customers have spent hundreds of thousands of dollars looking up SSNs, birthdays, drivers license records, and obtaining unauthorized credit and background reports on more than four million Americans."\n\n\tUnfortunately, data hacks are all too common. What strikes me about this one is the vulnerability of data aggregators, companies that hold personal data you need to keep secret. Breaking into those databases is like getting the combination to a bank vault; it makes theft very easy.\n\tFor the record, LexisNexis told Krebs that it had "identified an intrusion targeting our data but to date has found no evidence that customer or consumer data were reached or retrieved." The other companies had even less to say.\n\tYou might not have heard of Kroll Background America. It\u2019s a company that provides employment-background, drug and health screening services. Think about the kind of data "locked" inside its servers. Yikes!