Breaking: National Public Data Reveals Massive Breach Exposing Vulnerable Social Security Numbers

Imagine waking up one day to find out that your Social Security number, along with other personal information, has been leaked online. That’s exactly what happened to millions of people when National Public Data, a background check service, confirmed that their systems were breached by hackers.

As a result, sensitive information such as names, email addresses, phone numbers, social security numbers (SSNs), and postal addresses were exposed.

A blast from the past: late 2023 hack attempt resurfaces

According to National Public Data’s statement, the breach is believed to be linked to a hacking attempt back in December 2023. They acknowledge that data leaks occurred in April 2024 and summer 2024, and have cooperated with law enforcement during their investigation.

While National Public Data has been working on addressing the issue, it’s worth noting that our testing showed that access to their statement has been blocked for IP addresses in various locations in the U.S. and other countries. However, there are captures of the page available on the Internet Archive.

So how did these leaks happen? It all started in April when a threat actor using the alias USDoD offered to sell 2.9 billion records stolen from National Public Data for $3.5 million. And it didn’t stop there. Earlier this month, another threat actor known as Fenice shared a database containing 2.7 billion records for free.

It’s difficult to determine the exact number of people affected, but many have confirmed that the leaked records include details about them and their family members, even deceased ones.

Troy Hunt, creator of the Have I Been Pwned search service, analyzed one version of the leaked database and found 134 million unique email addresses. However, not all the information in the database is accurate, as our tests and Hunt’s analysis both revealed inaccuracies in name associations and dates of birth.

Moreover, some of the details in the database may be outdated, as none of the current addresses we checked were included. Despite these inaccuracies, the incident has led to class action lawsuits against Jerico Pictures, the entity that operates National Public Data.

It’s believed that National Public Data collects its information from public files, such as government records, which include all legal papers related to an individual.

What to do if you’re affected by the breach

If you’re impacted by the National Public Data breach, it’s important to monitor your financial accounts for signs of fraudulent activity and report it to credit bureaus. Additionally, be on the lookout for phishing attempts, as the leaked contact information could be used to trick you into providing more sensitive details for fraudulent activities.

In this digital age, it’s crucial to stay vigilant and protect your personal information from falling into the wrong hands. We’re here to help you navigate the complex world of cybersecurity and provide the resources you need to stay safe online. So don’t hesitate to reach out to us and keep coming back to learn more about how you can safeguard your digital life.