calendar

Was Your Information Compromised From The National Public Data Breach?

October 28, 2024

In September 2024, National Public Data confirmed that a hacker had compromised the personal records of millions. The breach exposed information such as names, email addresses, mailing addresses, phone numbers, and Social Security numbers for up to 2.9 billion individuals. Here's what you need to know.

What occurred?

National Public Data, a consumer data broker that provides criminal records, background checks, and other data to private investigators, public record sites, HR departments, staffing agencies, and the government, experienced a hack. The breach likely began in December 2023 when a third-party attacker attempted to access their systems.

In April, a cybercriminal known as "USDoD" posted the stolen data on a popular criminal forum. On August 6, the dataset reappeared, this time freely available on several breach forums for anyone to download.

The leaked information included names, addresses, phone numbers, email addresses, and Social Security numbers for millions, including some deceased individuals. The data also featured previous addresses and, in some cases, alternate names.

An official breach notice filed in Maine reported that 1.3 million records might have been compromised; however, some lawsuits claim up to 2.9 billion records were exposed.

As investigations continue, many cybersecurity experts have found that some of the released data was inaccurate. Aside from Social Security numbers, most of the information is already publicly accessible online.

Why is this breach dangerous if the information is publicly available?

There are several reasons for concern. Having all this sensitive information consolidated makes it easier for criminals to apply for credit cards, loans, or open new bank accounts using your details.

Information such as childhood street names or the last four digits of your Social Security number often serve as answers to security questions, enabling hackers to bypass authentication and access private accounts.

Cyber experts also anticipate an increase in phishing and smishing (phishing via SMS) attacks.

Can you be affected even if you've never heard of National Public Data or used their services?

Yes! Even if you haven't interacted with them, other organizations, businesses, landlords, etc., may have used their resources to gather information about you.

How can you protect yourself?

Step 1: Check if your data has been exposed. Utilize tools like https://npd.pentester.com/ to see if your information is compromised. If it is, take immediate action.

Step 2: Request a copy of your credit report and freeze your credit. Freezing your credit and setting up alerts is a strong defense against identity theft, preventing criminals from opening new credit lines in your name. Contact the three major credit bureaus—Equifax, TransUnion, and Experian—to request a freeze.

The process is free and takes less than 10 minutes per site. It's also wise to freeze the credit of others in your household over 18. Anyone with a Social Security number is vulnerable after a breach of this magnitude.

Once you receive your free credit report, review it for unauthorized activity. Set up alerts and regularly monitor your credit.

Step 3: Be vigilant against phishing scams. Cybercriminals may use this information to scam you through phone calls, text messages, emails, and social media. Stay cautious!

A data breach is devastating for everyone involved - the business hacked and the customers or employees whose data is leaked. As a business owner, it is your responsibility to make sure you are taking the highest precautions to protect your business and its data. If you want to do a full assessment and find out if any of your information has been leaked or if your network is vulnerable to a breach, we'll do a FREE Discovery Call. To book yours, call our office at 281-402-2620 or click here.