In September 2024, National Public Data confirmed that hackers had compromised the personal records of millions of individuals, exposing sensitive information such as names, email addresses, mailing addresses, phone numbers, and even Social Security numbers for up to 2.9 billion people. Here’s what you need to know to protect your business and your personal information.
What Happened?
National Public Data, a major consumer data broker that provides criminal records, background checks, and other forms of data to private investigators, consumer public record sites, HR departments, staffing agencies, government entities, and more, was hacked. The breach reportedly began in December 2023, when a third-party bad actor attempted to gain access.
In April 2024, a cybercriminal known as “USDoD” posted the stolen data online. By August, the dataset had resurfaced on several breach forums, allowing anyone to access and download it for free.
The exposed information includes names, addresses, phone numbers, email addresses, and Social Security numbers of millions of people, some of whom are deceased. Additionally, the data contains previous addresses and, in some cases, alternate names.
While the official breach notice filed in Maine indicated that around 1.3 million records were compromised, lawsuits suggest that the breach may have affected up to 2.9 billion records.
Despite some inaccuracies in the data, the exposure of Social Security numbers and other critical details makes this breach particularly dangerous, especially for small businesses, defense contractors, and organizations needing to comply with CMMC and DFARS regulations.
Why Is This Breach So Dangerous?
Even if much of the data can already be found through a quick Google search, having all this information in one place makes it easier for criminals to use it for identity theft, fraud, and phishing attacks. Hackers can use details like Social Security numbers or street names from your past to answer security questions and bypass authentication processes, gaining access to your personal or business accounts.
Experts are warning of an increase in phishing and smishing (phishing via SMS) attacks following the breach.
Can You Be Affected if You’ve Never Heard of National Public Data?
Yes! Even if you’ve never personally used National Public Data, other businesses, organizations, or landlords may have accessed your information through their services. The risk extends to anyone whose data might have been collected, making it essential to take protective action.
What Should You Do to Protect Yourself?
Step 1: Check if Your Data Has Been Compromised.
Use tools like NPD’s breach checker to see if your information was exposed. If it has, take action immediately.
Step 2: Freeze Your Credit.
One of the best ways to prevent identity theft is by freezing your credit. Contact all three major credit bureaus—Equifax, TransUnion, and Experian—and request a freeze. This free process takes only a few minutes per site and will help prevent criminals from opening new accounts in your name. Don’t forget to request credit freezes for any other adults in your household, as anyone with a Social Security number is vulnerable.
Once you have a copy of your free credit report, review it for any suspicious activity or unauthorized actions. Set up alerts with each bureau and monitor your credit regularly.
Step 3: Be Vigilant Against Phishing Scams.
Cybercriminals will likely use the compromised data to launch phishing attacks through emails, texts, phone calls, and social media. Be extra cautious and verify the sender before clicking on any links or providing personal information.
Protecting Your Business from Data Breaches
Data breaches not only impact individuals but can also be devastating for businesses. As a business owner, especially if you handle sensitive information or need to stay compliant with CMMC or DFARS, it’s crucial to take proactive steps to secure your network and protect against potential breaches.
We offer a FREE Cybersecurity Risk Assessment to help you evaluate your business’s cybersecurity defenses. During this deep dive, we’ll identify any vulnerabilities in your network and provide a detailed blueprint for improving your cybersecurity posture. Whether you’re a small business or a defense contractor in Dallas-Fort Worth, we’re here to help keep your data safe.
To book your FREE assessment, call us at 817-803-4603 or click here.
