Hackers rather than an inside job are being blamed for an attack on an Illinois state agency's server that left thousands of property market workers potentially exposed to identity theft.

Attacks on the systems of the Illinois Department of Financial and Professional Regulation, carried out in January but not discovered until last month, are reckoned to have exposed the details of 300,000 real estate agents and mortgage brokers. The Social Security numbers and other sensitive data on around a quarter of the 1.2m people registered by the agency might have been exposed. State Police and the FBI are investigating, the Chicago Sun Times reports.

Agency spokeswoman Susan Hofer said that those potentially affected by the attack have been notified. She added that investigators are working on the theory that unidentified hackers carried out the raid.

The Illinois Department of Financial and Professional Regulation is trying to damp down fears arising from the attack. Hofer said hacked systems didn't contain credit card information. Although the hacked server did contain Social Security numbers and business tax ID numbers, attackers would have difficulty matching this data with the names and addresses of potential marks, data that wasn't directly cross-referenced. Data on the server only referred to real estate professionals and was mostly old, Hofer told the Chicago Sun Times. ®

Related stories

• Sun's handling of Java security update prompts concerns (10 July 2007)
• Feds fiddle as cybertopia burns (2 July 2007)
• Europe mulls anti-ID theft law (24 May 2007)
• M&S in ID theft flap over stolen laptop (9 May 2007)
• Feds urge tougher ID theft laws (24 April 2007)
• FSA has power to order data breach disclosure (19 February 2007)
• US ID theft losses decline (5 February 2007)
• Fraud linked to TJX data heist spreads (29 January 2007)
• ID theft nets £85,000 a head: study (19 January 2007)
• Trojans fuel ID theft boom (16 January 2007)
• 100m US records exposed by security blunders (18 December 2006)