Massive Data Breach Exposes Personal Information of 2.7 Billion Americans
Recently, an extensive data leak comprising 2.7 billion records of personal information belonging to individuals in the United States, including their Social Security Numbers, has surfaced online. This breach is connected to National Public Data, a company that collects and sells data from various non-public sources for background checks. The organization has officially acknowledged that it experienced “a data security incident” where names, emails, addresses, phone numbers, Social Security Numbers, and mailing addresses were compromised.
Details of the Security Breach
The description provided by National Public Data regarding its security incident is somewhat ambiguous and convoluted; however, the company pointed fingers at a malicious third party as the source of the breach. According to their report, this unauthorized entity allegedly attempted to infiltrate their system towards the end of December 2023. Notably, they indicated potential data leaks occurred in both April and summer 2024—suggesting that unauthorized access had indeed been achieved.
In April alone, a hacking group identified as USDoD made headlines by attempting to sell an alarming 2.9 billion records related to residents from not just the U.S., but also the UK and Canada for $3.5 million. They claimed responsibility for obtaining this sensitive information from National Public Data itself. Following this revelation, portions of those records have since been disseminated online over time with recent leaks exposing even more sensitive details.
Company Response and Recommendations for Affected Individuals
The organization reports that it has collaborated with law enforcement agencies to investigate potentially compromised records thoroughly and stated intentions to notify affected individuals if any further critical developments arise concerning their personal details. In line with this communication effort, National Public Data published notifications advising those potentially impacted on proactive measures they can take.
The company encourages victims to keep a close eye on financial accounts for any suspicious activities while also recommending free credit reports be obtained alongside placing fraud alerts on personal files—a crucial step when facing such large-scale breaches.
Pursuing Legal Action Against National Public Data
Additionally worth noting is that National Public Data now faces a proposed class action lawsuit initiated in early August by an individual who was alerted through an identity theft protection service about their own personal information appearing on dark web forums. The plaintiff alleges negligence on part of the company regarding securing personally identifiable information collected during standard business operations responsibly.
