A significant data breach at National Public Data has potentially exposed nearly 3 billion personal records, including Social Security numbers.
According to SavvyDime, the breach, which occurred in December 2023, was revealed in an August statement from the data broker company. The stolen information was subsequently leaked on the dark web by what the company described as "a third-party bad actor."
The breach has sparked a proposed class action lawsuit and a House of Representatives committee investigation. The lawsuit alleges that National Public Data obtained the information by scraping nonpublic sources without consent. As the full extent of the breach becomes clear, individuals are being advised to check if their personal information was compromised and take steps to protect their sensitive data.
The National Public Data breach is believed to have affected an enormous number of individuals, with estimates ranging from 1.3 million to potentially billions. The Maine Attorney General's office has reported 1.3 million affected individuals based on discussions with the data broker. However, Troy Chase of Have I Been Pwned estimates that the stolen records include 134 million unique email addresses.
The scope of the breach is particularly concerning due to the nature of the information exposed. The stolen data potentially includes names, email addresses, phone numbers, Social Security numbers, and mailing information. This comprehensive set of personal data could be a goldmine for identity thieves and cybercriminals.
National Public Data claims to obtain personal information from various national repositories, including public record databases, court records, and state and national databases. The company's statement indicates that the breach may have resulted in potential leaks of certain data in April 2024 and summer 2024, suggesting a prolonged period of vulnerability.
In light of the breach, individuals are encouraged to take proactive steps to determine if their information was compromised and protect themselves from potential identity theft. Two online security companies have set up free tools for individuals to check if their Social Security numbers are among the stolen data.
Atlas Privacy has created npdbreach.com, while the cybersecurity firm Pentester operates npd.pentester.com. Both tools are designed to search for partial data in the stolen cache without requiring users to input their full Social Security numbers. These resources provide a straightforward way for individuals to assess their potential exposure in the breach.
For those who discover their data has been compromised, vigilance is key. National Public Data has advised affected individuals to closely monitor their financial records for unauthorized activity. The company has also provided an email address ([email protected]) for further inquiries and promised to notify individuals of any significant developments relevant to their case.
If individuals suspect their Social Security number has been compromised, there are several steps they can take to protect themselves. Regularly checking credit reports from the three major credit bureaus - Equifax, Experian, and TransUnion - can help identify unusual activity, such as new accounts opened without authorization.
Credit monitoring services offer an additional layer of protection by continuously monitoring credit reports and alerting users to suspicious activity. These services can set up fraud alerts to notify individuals whenever their Social Security number or identity is used to apply for credit. The Federal Trade Commission's IdentityTheft.gov website is a valuable resource for those affected by identity theft. It provides personalized recovery plans and guides individuals through the process of securing their identity and dealing with the aftermath of a theft.
The magnitude of the National Public Data breach has drawn attention from government bodies. On August 22, the House Committee on Oversight and Accountability announced an investigation into the reported cyberattack against National Public Data. This investigation signals the seriousness with which authorities are treating the breach and its potential implications for national security and individual privacy.
In conclusion, the National Public Data breach has exposed billions of personal records, including sensitive information such as Social Security numbers. The breach has prompted investigations by government bodies and a class action lawsuit. Individuals are advised to check if their data was compromised using available online tools and take steps to protect themselves from potential identity theft. Resources are available from various agencies to assist those affected in securing their personal information and recovering from any resulting fraud.
