USPS probes possible mass security breach

Lexis Nexis and Investigative Professionals issue new warnings about breach that could lead to potential compromise of credit cards.

Ariel Bashi Special to CNET News

Update 9:40 a.m. May 4: Added comment from the Postal Inspectors Service and details about when the breach took place.

This story was originally published at CBSNews.com.

CBS News has learned of another data breach potentially compromising the personal information of thousands of people. Companies Lexis Nexis and Investigative Professionals have sent up to 40,000 letters to customers whose "sensitive and personally identifiable" information may have been viewed by individuals who should not have had access.

The United States Postal Inspection Service is investigating a data breach at both companies that resulted in sensitive information being used in a crime. Those individuals have been notified. Sources tell CBS News that the data breach is linked to a Nigerian scam artist who used the information to incur fraudulent charges on victims' credit cards.

Peter Rendina, a spokesman for the Postal Inspectors Service, said that of the 40,000 individuals whose information was accessed, up to 300 were compromised and used to obtain fraudulent credit cards.

In a letter sent to those whose personal information was compromised, Lexis Nexis said that the unauthorized access took place between June 14, 2004, and October 10, 2007, and the private information viewed included names, dates of birth, and possibly even Social Security numbers

It also cautions customers to review their credit reports for any inaccuracies, to report any errors or suspicious activity to creditors as soon as possible, and to contact the United States Postal Service if they believe their personal information may have been compromised.