ButSpeak.com
News which Matters.
A massive data leak of 2.7 billion records from National Public Data has exposed sensitive personal information, including social security numbers, affecting millions in the US, UK, and Canada.
A significant data breach has compromised the personal information of millions of individuals across the United States, United Kingdom, and Canada, with 2.7 billion records exposed in a leak that first came to light on a notorious hacking forum. The breach, which is believed to have originated from a company known as National Public Data, includes sensitive details such as names, mailing addresses, and social security numbers, all of which were stored in plaintext without encryption.
National Public Data, a firm that aggregates and sells personal data for background checks, criminal record searches, and private investigations, is at the center of this alarming incident. The company is thought to have compiled this information from various public sources to create detailed user profiles, affecting not only US residents but also individuals in the UK and Canada.
The breach was first noticed when a threat actor, previously associated with attempts to sell stolen databases, claimed to have nearly 2.9 billion records available for sale at a staggering $3.5 million. This actor, known as USDoD, asserted that the data covered nearly every individual in the three countries. However, the most recent leak, made public on August 6 by another hacker named “Fenice,” revealed a slightly smaller dataset of 2.7 billion records, confirming suspicions about the widespread nature of the breach.
Notably, this dataset does not include some details found in earlier samples, such as phone numbers and email addresses. However, the core information—names, addresses, and social security numbers—remains, and in many cases, records also list aliases or other names associated with the individual. While the data may not be current, as suggested by the outdated addresses, the potential for misuse remains significant.
This breach has sparked multiple class action lawsuits against Jerico Pictures, the company believed to be operating as National Public Data, for failing to protect this sensitive information. The leak’s scale has also prompted warnings for individuals, particularly in the US, to monitor their credit reports closely for any signs of fraudulent activity. As social security numbers are among the compromised data, the risk of identity theft is particularly high.
In addition to the personal and financial risks posed by this breach, those affected are also being cautioned against phishing attempts. Previously leaked data from this breach included phone numbers and email addresses, making targeted scams a likely threat. Individuals are advised to be vigilant against unsolicited messages that may attempt to extract further sensitive information.
As investigations continue, the full impact of this data leak is still unfolding. What is clear, however, is that the breach has compromised the privacy and security of millions, underscoring the urgent need for more stringent data protection measures in an increasingly digital world.