National Public Data Breach: What You Need to Know
In September 2024, National Public Data confirmed that a hacker had compromised the personal records of millions of individuals. The exposed information includes names, email addresses, mailing addresses, phone numbers, and Social Security numbers, affecting up to 2.9 billion people. Here's what you need to know.
What Happened?
National Public Data, a consumer data broker specializing in criminal records, background checks, and other forms of data for private investigators, consumer public record sites, human resources, staffing agencies, the government, and more, was hacked. The breach is believed to have started in December 2023 when a third-party bad actor attempted to gain access.
In April 2024, a cybercriminal known as "USDoD" posted the stolen data online in a popular criminal community. On August 6, the stolen dataset resurfaced, this time posted for free on several breach forums for anyone to access and download.
The sensitive, personally identifiable information released included names, addresses, phone numbers, email addresses, and Social Security numbers for millions of people, some of whom are deceased. The data also contained previous addresses and, in some instances, alternate names.
The official data breach notice filed in Maine indicated that 1.3 million records may have been breached; however, some lawsuits suggest that as many as 2.9 billion records have been exposed.
As the investigation continues, many cyber experts are finding that some of the released data was inaccurate, and aside from the Social Security numbers, most of it is already public and easy to find online.
Why Is This Breach Dangerous?
Despite much of the information being publicly accessible, having it all in one place makes it easier for criminals to misuse it. This data can be used to apply for credit cards and loans or open new bank accounts.
Information such as childhood street names or the last four digits of your Social Security number are often answers to security questions, which can help hackers bypass authentication and access your private accounts.
Some cyber experts are predicting a surge in phishing and smishing (phishing over SMS) attacks as a result.
Can You Be Affected Even If You've Never Heard of National Public Data?
Yes. Even if you haven't directly interacted with National Public Data, other organizations, businesses, landlords, etc., may have used their services to gather information about you.
What Should You Do to Protect Yourself?
Step 1: Check if your data has been exposed. You can use tools like [https://npd.pentester.com/](https://npd.pentester.com/) to find out if your information has been compromised. If so, take immediate action.
Step 2: Request a copy of your credit report and then freeze your credit. Freezing your credit and setting up alerts is one of the best ways to protect your identity. This prevents criminals from opening new lines of credit in your name. Contact all three major credit bureaus—Equifax, TransUnion, and Experian—and request a freeze.
The process is free and should take less than 10 minutes per site to complete. If there are others in your household over the age of 18, it's a good idea to freeze their credit too. Anyone with a Social Security number is vulnerable following a breach of this size.
Once you have a copy of your free credit report, review it for any unauthorized activity. Don't forget to set up alerts and monitor your credit regularly.
Step 3: Be vigilant about phishing scams. Many cybercriminals will try to leverage this information to scam you through phone calls, text messages, emails, and even social media sites. Be cautious!
A data breach is devastating for everyone involved - the
business hacked and the customers or employees whose data is leaked. As a
business owner, it is your responsibility to make sure you are taking the
highest precautions to protect your business and its data. If you want to do a
full assessment and find out if any of your information has been leaked or if
your network is vulnerable to a breach, we'll do a FREE consult. This deep dive into your network will provide you with a blueprint
for security steps to take. To book yours, call our office at 954-327-1001 or click here.
