In what may be one of the largest data breaches in history, a notorious hacking group has reportedly released the Social Security numbers and other sensitive personal data of nearly every American. This alarming breach, which also includes information such as full names, addresses, and dates of birth, was allegedly stolen from National Public Data (NPD), a data broker that provides personal information for background checks.
The hacking group, known as USDoD, claimed in April 2024 to have stolen the personal records of 2.9 billion individuals, including those from the U.S., Canada, and the U.K. The group initially attempted to sell the data for $3.5 million but has now released it for free on an online marketplace. If verified, this breach could lead to widespread identity theft, fraud, and other serious crimes, as this type of information can be used to take over existing accounts or create new fraudulent accounts.
Despite the severity of the breach, National Public Data has not formally notified affected individuals, stating only that it is “investigating these issues” and has since purged its entire database. Cybersecurity experts have warned that this breach should serve as a wake-up call for individuals to take immediate protective measures.
How to protect yourself
Given the scope of the breach, here are some steps you can take to protect yourself from potential identity theft:
1. Freeze your credit: Contact the three major credit bureausāExperian, Equifax, and TransUnionāto place a freeze on your credit files. This will prevent criminals from opening new accounts in your name. Remember to temporarily lift the freeze if you need a credit check.
2. Sign up for identity theft monitoring: Consider using a service that monitors your accounts and the dark web for signs of identity theft. These services often come free for a year or more if your data was exposed in a breach.
3. Secure your existing accounts: Ensure you have strong, unique passwords for each account and enable two-factor authentication (2FA). 2FA adds an extra layer of security, making it harder for criminals to access your accounts even if they have your login information.
4. Be wary of phishing attempts: Scammers may pose as legitimate entities to trick you into revealing more personal information. Always verify the source of any communication and avoid clicking on links in unsolicited emails or texts.
The potential fallout from this breach underscores the importance of remaining vigilant and taking proactive steps to protect your personal information.