The National Public Data breach, confirmed in August 2024, is one of the largest data breaches in history, affecting approximately 2.9 billion records of personal data. National Public Data (NPD) is a Florida-based company that aggregates publicly available information to provide background-check services. It collects extensive personal data, including Social Security numbers (SSNs), addresses, phone numbers, and family details, which it sells to various clients, including private investigators and staffing agencies.
The records, which include full names, current and past addresses, emails, phone numbers, and Social Security numbers, were later sold on the dark web for $3.5 million. The breach is believed to have originated from a cyberattack in December 2023, with data leaks occurring in April and summer 2024. The incident was first disclosed through a class action lawsuit filed against NPD.
The implications of this breach are severe, as the leaked data can be exploited for various fraudulent activities. Cybercriminals could use the information to impersonate victims, commit identity theft, or engage in scams targeting individuals based on their personal relationships and employment history.
Recommended Actions
- Use this free tool to see if your SSN was compromised in this breach
- Freeze your credit (if not already) with the three credit agencies: Equifax, Experian, and TransUnion
- Check credit reports for unauthorized activity
- Enable account alerts for banking apps
- Set up MFA for all online accounts
- Revisit your password hygiene - get a password manager
- Delete any accounts you don't use
- Visit the Have I Been Pwned website to determine if/when your data has been breached
Take these proactive steps to protect yourself from potential identity theft and fraud.
#ALTACyber
------------------------------
Genady Vishnevetsky
Chief Info Security Officer
Stewart Title Guaranty Company
Houston TX
------------------------------