A significant quantity of Social Security numbers and other sensitive details for millions of individuals may now be in the possession of a hacking group following a data breach, potentially being offered on an online marketplace, as reported by The Los Angeles Times this week.
The hacking collective known as USDoD has purportedly claimed responsibility for pilfering personal data of 2.9 billion individuals from National Public Data, according to a class-action lawsuit filed in the U.S. District Court in Fort Lauderdale, Florida, and reported by Bloomberg Law. The breach is suspected to have occurred around April 2024, as detailed in the lawsuit.
Here’s what is essential to know about the alleged data breach.
What data was compromised in the breach?
- Reports indicate that information was extracted from National Public Data.
- Hackers initially attempted to sell the data, then released it for free.
- Experts recommend freezing your credit files as the most effective immediate safeguard.
The law firm Schubert, Jonckheer & Kolbe, in a press release, revealed that the compromised data amounts to 277.1 gigabytes and includes names, address histories, relatives, and Social Security numbers spanning over three decades.
ALSO READ : What is Mpox, where are the outbreaks and what is the WHO doing?
A cybersecurity expert on X, formerly Twitter, mentioned that USDoD is allegedly selling the 2.9 billion records of citizens from the U.S., U.K., and Canada on the dark web for $3.5 million.
Since the data was offered for sale in April, other parties have distributed various copies of the information, according to cybersecurity and technology news site Bleeping Computer.
In August, a hacker identified as “Fenice” reportedly leaked the most comprehensive version of the data for free on a forum, as per Bleeping Computer.
What is National Public Data?
National Public Data is a Florida-based background check firm operated by Jerico Pictures, Inc. USA TODAY has reached out to National Public Data for a statement.
The company has yet to officially confirm the breach, but The Los Angeles Times reported that it has been responding to inquiries via email with, “We are aware of certain third-party claims regarding consumer data and are currently investigating these matters.”
What to do if you suspect your information has been compromised?
If you believe your personal information has been compromised or is circulating on the dark web, there are several steps you can take to safeguard against fraud or identity theft.
Money advises taking the following precautions:
- Ensure your antivirus software is current and perform security scans on all devices. If malware is detected, most antivirus programs should be capable of removing it, though professional assistance may be required in some cases.
- Update your passwords for banking, email, and other services, ensuring they are robust and unique for each account. Use a combination of uppercase and lowercase letters, numbers, and punctuation, and avoid using personal information that could be easily guessed by hackers.
- Enable multi-factor authentication on any accounts or services that support it to confirm that only you are logging in.
- Monitor your credit report and report any unauthorized use of your credit cards. If you notice any suspicious activity, request that credit bureaus freeze your credit.
- Exercise caution with your email and social media accounts, and remain vigilant against phishing attempts that seek to obtain your personal information under false pretenses.
