Keyphrase: South Florida company sued over Social Security data breach
A new lawsuit claims that hackers have obtained the personal information of “billions of people,” including their Social Security numbers, current and past addresses, and the names of siblings and parents — personal data that could allow fraud attackers infiltrate financial accounts or steal funds. The allegation comes in a lawsuit filed earlier this month by California resident Christopher Hofmann, who claims his identity theft protection service alerted him that his personal information had been compromised by “nationalpublicdata.com” and leaked to the dark web. Bloomberg Law earlier reported on the lawsuit.
Alleged Hack of National Public Data
The leak, which allegedly occurred around April 2024, saw a hacker group called USDoD steal billions of individuals’ unencrypted personal information from a background check company called National Public Data (NPD), according to the lawsuit. Bleeping Computer reported that the hacker claimed the stolen files included 2.7 billion records, each listing a person’s full name, address, date of birth, Social Security number, and phone number.
Details of the Hack
National Public Data is a Coral Springs, Florida-based profile company that provides background checks to employers, investigators, and other businesses. The U.S. Department of Defense released a database called “National Public Data” on the dark web on April 8, claiming to have the records of approximately 2.9 billion individuals. Despite the purchase of the company for $3.5 million, the leaked file was later available for free on a hacking forum, as reported by Bleeping Computer.
Protecting Your Information
It remains unclear whether NPD alerted individuals affected by the hack, as the lawsuit alleges a failure to provide notice or warning. Security experts recommend freezing credit files at major credit bureaus, signing up for two-factor authentication, and using tracking services to monitor dark web activity. By taking these precautions, individuals can mitigate the risk of identity theft and other forms of harm resulting from data breaches.