Was YOUR Data Compromised In The National Public Data Breach?

In September 2024, National Public Data announced that a cybercriminal had breached the personal information of millions. This breach has resulted in the exposure of names, phone numbers, home addresses, email addresses, and even Social Security numbers, affecting as many as 2.9 billion individuals. Here’s what you should be aware of.

What occurred?

National Public Data, a company that deals in consumer data, offering services like criminal background checks and public records to private investigators, HR departments, staffing firms, government entities, and public record websites, experienced a data breach. It is suspected that the breach began in December 2023 when an external attacker tried to infiltrate their systems.

In April, a cybercriminal going by the name "USDoD" uploaded the stolen information to a well-known criminal forum. Then, on August 6, the compromised data reappeared, this time made available for free across several breach forums, allowing anyone to access and download it.

The leaked personally identifiable information comprised names, addresses, phone numbers, email addresses, and Social Security numbers of millions of individuals, including some who have passed away. Additionally, the data included former addresses and, in some cases, alternative names.

The official data breach notification submitted in Maine reported that 1.3 million records might have been compromised. However, certain lawsuits are claiming that as many as 2.9 billion records were actually exposed.

As the investigation progresses, many cybersecurity experts are discovering that some of the leaked data is inaccurate. Additionally, apart from the Social Security numbers, most of the information is already publicly available and easily accessible online.

So why is this breach a threat if the information is easily found through a quick Google search?

There are several reasons for concern. Consolidating all this sensitive information in one location makes it much easier for criminals to exploit it for activities like applying for credit cards, taking out loans, or opening new bank accounts fraudulently.

The leaked information, including details like childhood street names or the last four digits of Social Security numbers, often serves as answers to security questions. This can enable hackers to circumvent authentication measures and gain access to your private accounts. Additionally, some cybersecurity experts warn to be on the lookout for an increase in phishing and smishing (SMS phishing) attacks as well.

Can you be impacted even if you’ve never heard of National Public Data or bought data from them?

Absolutely! Just because you haven’t engaged with them doesn’t mean that other entities, such as organizations, businesses, landlords, and others, haven’t used their services to gather information about you.

What steps should you take to protect yourself?

Step 1: Determine whether your data has been compromised. You can utilize tools like https://npd.pentester.com/ to check if your information has been exposed. If it has, it’s crucial to take prompt action.

Step 2: Obtain a copy of your credit report and freeze your credit. One of the most effective ways to safeguard your identity is by freezing your credit and establishing alerts. This measure prevents criminals from opening new credit accounts in your name. To initiate this, contact the three major credit bureaus—Equifax, TransUnion, and Experian—and request a freeze.

The process is free and typically takes less than 10 minutes per bureau. If there are other adults in your household, consider freezing their credit as well, as anyone with a Social Security number can be at risk following a breach of this magnitude.

After obtaining your free credit report, carefully examine it for any unauthorized activity. Remember to set up alerts and routinely monitor your credit.

Step 3: Stay vigilant against phishing scams. As previously mentioned, many cybercriminals may attempt to exploit this information to deceive you via phone calls, text messages, emails, and even social media platforms. Exercise caution!

A data breach is catastrophic for all parties involved—the affected business and the customers or employees whose information has been compromised. As a business owner, it’s your duty to ensure that you implement the highest level of precautions to safeguard your business and its data.

We offer a FREE Security Risk Assessment if you’re interested in a comprehensive evaluation to determine whether your information has been leaked or if your network is susceptible to a breach. This thorough network examination will equip you with a detailed plan for necessary security measures. To book yours, please call our office at 704-470-9009 or click here.