In September 2024, National Public Data confirmed a significant data breach, impacting millions worldwide. Sensitive information like names, email addresses, phone numbers, mailing addresses, and even Social Security numbers were exposed. Here’s a breakdown of the situation and what you can do to protect yourself.
The Breach: What Happened?
National Public Data, a well-known data broker, provides background checks, criminal records, and other personal information to various industries such as HR, consumer public records, and government agencies. The breach is believed to have started in December 2023, when a malicious third party gained unauthorized access to the data.
By April, a hacker known as “USDoD” leaked the stolen data on criminal forums. In early August, the information reappeared on several online forums, making it freely accessible. This dataset included personal details like Social Security numbers, addresses, and even previous names, raising the total number of records breached to as many as 2.9 billion, according to some sources.
Why Should You Be Concerned?
While some of the exposed information might already be publicly available, having it consolidated in one place makes it easier for cybercriminals to exploit. Hackers can use these details to commit identity theft, apply for loans, or even create fraudulent bank accounts. Moreover, small but crucial details, such as your childhood street name or the last four digits of your Social Security number, are often used for security questions, making it easier for bad actors to bypass account authentication.
Phishing and SMS-based phishing (smishing) attacks may also increase as cybercriminals attempt to manipulate this information to trick individuals into providing more sensitive data.
Can You Be Affected Even If You Don’t Know National Public Data?
Absolutely. Even if you’ve never directly interacted with National Public Data, other organizations you’ve worked with, such as landlords, employers, or service providers, may have used their services to gather information about you.
How to Protect Yourself
- Check if You Were Affected: Use tools like Pentester’s NPD Search Tool to see if your data has been compromised. If so, act quickly.
- Freeze Your Credit: Request copies of your credit reports and place a credit freeze with the three major credit bureaus—Equifax, TransUnion, and Experian. This prevents anyone from opening new accounts in your name without your consent. Freezing your credit is free and can be done online in less than 10 minutes.
- Stay Vigilant for Phishing Attacks: Be on the lookout for unsolicited calls, emails, and text messages. Criminals will try to use the leaked information to trick you into giving up more personal details or accessing your accounts.(Not sure what to do with Phishing? Read this blog : )
Is Your Company Prepared?
A breach like this doesn’t just affect individuals; businesses are also at risk. As a business owner, it’s critical to ensure your data security practices are top-notch. If you're unsure whether your network is fully protected or want to see if any of your information has been exposed, Diverse CTI is offering a FREE Security Risk Assessment. We’ll thoroughly analyze your network and provide a comprehensive report on how to secure your systems moving forward.
Ready to safeguard your business? Call us at 405-210-3000 or click here to schedule your free assessment today.