National Public Data, a background check service recently confirmed that hackers breached its systems. The data security incident involving as many as 2.9 billion data records may have involved personal information extending across three countries, the United States, Great Britain and Canada. The information that was reportedly breached contained name, email address, phone number, social security number, and mailing address(es):
There appears to have been a data security incident that may have involved some of your personal information. The incident is believed to have involved a third-party bad actor that was trying to hack into data in late December 2023, with potential leaks of certain data in April 2024 and summer 2024.
The current breach is being described as one of the largest data breaches ever surpassing the Yahoo data breach around ten years ago which, until the National Public Data incident, was considered the largest data breach ever recorded.
Apparently a majority of the data was leaked by hackers about 12 days ago:
Although a large portion of the database stolen from National Public Data (NPD) was leaked 10 days ago, partial copies had previously been shared by various threat actors.
This latest breach is particularly concerning specifically to Americans considering plaintext social security numbers are involved in the incident:
The latest breach poses a major threat to Americans as it includes plaintext SSNs, which are critical identifiers used for various financial and governmental transactions. In the wrong hands, these SSNs are highly susceptible to abuse by identity scammers, making the breach a significant security risk.
What You Can Do According to National Public Data
National Public Data relayed what users affected by this breach can do to monitor potential unauthorized activity by identity thieves related to this incident.
* National Public Data recommends that you closely monitor your financial accounts and if you see any unauthorized activity, you should promptly contact your financial institution.
* You may want to contact the three U.S. credit reporting agencies (Equifax, Experian, and TransUnion) to obtain a free credit report from each by visiting www.annualcreditreport.com.
* Place a free fraud alert on your credit file. A fraud alert tells creditors to contact you before they open any new accounts or change your existing accounts.
* Place a free credit freeze with each of the major credit bureaus at the links provided below. A credit freeze means potential creditors cannot get your credit report and makes it less likely that an identity thief can open new accounts in your name.
Equifax: equifax.com/personal/credit-report-services
Experian: experian.com/help
TransUnion: transunion.com/credit-help
* Check your credit report frequently with all three credit bureaus to monitor unauthorized activity.