October 28, 2024
In September 2024, National Public Data confirmed that a hacker had compromised the personal records of millions. The exposed information includes names, email and mailing addresses, phone numbers, and Social Security numbers of up to 2.9 billion individuals. Here's what you need to know.
What occurred?
National Public Data, a company that provides criminal records, background checks, and other data to private investigators, consumer public record sites, human resources, staffing agencies, the government, and more, experienced a data breach. The incident is believed to have begun in December 2023 when a third-party attacker attempted to gain access.
In April, a cybercriminal known as "USDoD" posted the stolen data online within a popular criminal community. On August 6, the dataset reappeared, this time freely available on several breach forums for anyone to access and download.
The released sensitive, personally identifiable information included names, addresses, phone numbers, email addresses, and Social Security numbers for millions, including some deceased individuals. The data also contained previous addresses and, in some cases, alternate names.
An official data breach notice filed in Maine indicated that 1.3 million records might have been breached; however, some lawsuits suggest as many as 2.9 billion records were exposed.
As the investigation continues, many cybersecurity experts are finding that some of the released data was inaccurate. Aside from the Social Security numbers, most of it is already public and easily accessible online.
Why is this breach dangerous if the information is already publicly available?
There are several reasons for concern. Having all this critical information consolidated in one place makes it easier for criminals to apply for credit cards, loans, or open new bank accounts using your details.
Information like childhood street names or the last four digits of your Social Security number often serve as answers to security questions, helping hackers bypass authentication and access your private accounts.
Some cybersecurity experts suggest being vigilant for a potential increase in phishing and smishing (phishing via SMS) attacks.
Can you be affected even if you've never heard of National Public Data or purchased data from them?
Yes! Even if you haven't interacted with them, other organizations, businesses, landlords, etc., might have used their resources to gather information about you.
What steps should you take to protect yourself?
Step 1: Check if your data has been exposed. Use tools like https://npd.pentester.com/ to determine if your information has been compromised. If it has, take immediate action.
Step 2: Request a copy of your credit report and freeze your credit. Freezing your credit and setting up alerts is one of the best ways to protect your identity, preventing criminals from opening new lines of credit in your name. Contact the three major credit bureaus—Equifax, TransUnion, and Experian—to request a freeze.
The process is free and should take less than 10 minutes per site. If others in your household are over 18, it's advisable to freeze their credit too, as anyone with a Social Security number is vulnerable following a breach of this magnitude.
Once you have your free credit report, review it for any unauthorized activity. Don't forget to set up alerts and regularly review your credit.
Step 3: Be vigilant against phishing scams. Cybercriminals may use this information to scam you through phone calls, text messages, emails, and even social media. Stay cautious!
A data breach is devastating for everyone involved - the
business hacked and the customers or employees whose data is leaked. As a
business owner, it is your responsibility to make sure you are taking the
highest precautions to protect your business and its data. If you want to do a
full assessment and find out if any of your information has been leaked or if
your network is vulnerable to a breach, we'll do a FREE Consult. This deep dive into your network will provide you with a blueprint
for security steps to take. To book yours, call our office at 630-320-3723 or click here.