The profiles of 32,000 people may have been stolen by hackers who illegally accessed databases owned by publisher Reed Elsevier.
Reed has called in law enforcement authorities in the US to investigate whether IDs and passwords have been fraudulently acquired.
The possible theft at its Seisint unit came to light when the Anglo-Dutch group processed the billing complaint of one of its customers last week.
Information accessed includes names, addresses, social security and drivers' licence numbers, but not credit history, medical records or financial information. Reed customers in the UK are not affected.
Reed pledged to contact all customers affected by the suspected breach and provide credit monitoring and practical support, while also taking action to tighten security.
These measures include better ID and password administration procedures and liaising with law enforcement groups on ways to thwart criminal activity.
Seisint stores and provides personal information to companies, journalists, police and federal investigators. It hit the headlines last year with a database called Matrix that collated information on potential terrorist suspects.
Reed played down the impact of the security breach on its finances and reaffirmed its target of higher earnings and at least five per cent growth in revenues excluding acquisitions.