Skip to main content
  1. Home
  2. Computing
  3. News

You may be a victim in one of the worst data breaches in history

By

Background check company National Public Data — also known as Jerico Pictures — suffered what is reportedly one of the most significant data breaches in history, affecting 2.9 billion personal records that leaked sensitive data such as Social Security numbers and more, as mentioned in a class-action lawsuit document and sourced by Bloomberg Law. What’s even worse is that it’s not known how the breach happened in the first place — or who has been included in it.

Before getting into it, it’s worth noting that National Public Data has not confirmed the breach yet, so there’s a lot of information that’s only coming from the lawsuit or the hacking group. That means some of the figures will need to be taken with a grain of salt. Still, it doesn’t sound good.

Recommended Videos

The lawsuit indicates that critical data, such as addresses, full names, and relative information, have reportedly been leaked to the dark web. The data even includes information on deceased relatives dating back decades.

The lawsuit also claims that the National Public Data scraping data from non-public sources to conduct personal background checks. The process used reveals that many users were unaware that the company possessed this information in the first place.

According to the lawsuit, an identify-theft protection service provider notified affected user Christopher Hofmann of the leak on or around July 24, though they believe the breach may have occurred in April. By the time the service informed him, his and potentially billions of others’ info was already up for sale for $3.5 million by the cybercriminal group USDoD on a dark web database.

The class action lawsuit accuses NPD of unjust enrichment, negligence, third-party beneficiary, and breaches of fiduciary duty. The lawsuit also demands that NPD conduct database scanning, segment data, use a threat-management system, and hire a third-party assessor annually to evaluate its cybersecurity frameworks for the next 10 years. The court has also asked NPD to cleanse the personal data of all those affected and encrypt all gathered data from now on.

This could be the most significant data breach since the 2013 Yahoo breach, where the personal data of 3 billion users was leaked. To help stay safe, we recommend using one of the best identify-theft protection service providers on the market.

Editors’ Recommendations

Topics
Judy Sanhz
Judy Sanhz
Computing Writer
Judy Sanhz is a Digital Trends computing writer covering all computing news. Loves all operating systems and devices.
I tested two open-source password managers, and one is clearly better
Bitwarden and Proton Pass pricing appears in a split-screen on a PC monitor.

If you’re searching for an open-source password manager, two names will undoubtedly rise to the top of your list: Bitwarden and Proton Pass. Both are well-rated and offer affordable subscription plans and excellent free versions.

The only challenge is the difficulty of choosing which is the best password manager. I recently reviewed Proton Pass Plus and Bitwarden Family in hope that a hands-on comparison might help identify little details that can make a big difference in daily use.
Tiers and pricing
Bitwarden and Proton Pass pricing in a split-screen comparison. Digital Trends

Read more
Major data breach involved ‘only’ 1.3 million people
A large monitor displaying a security hacking breach warning.

Information from a hacking group and a class action lawsuit document sourced by Bloomberg Law reported that a recent data breach of 2.9 billion personal records leaked sensitive information, such as Social Security numbers. But until now, National Public Data (NPD) had not officially confirmed the breach or the number of affected users.

In a new statement about the breach, NPD explained: "There appears to have been a data security incident that may have involved some of your personal information. The incident is believed to have involved a third-party bad actor that was trying to hack into data in late December 2023, with potential leaks of certain data in April 2024 and summer 2024." Separately, in a notification about the breach on the Maine Attorney General's website, it was revealed a total of 1.3 million people were affected.

Read more
One of the worst data breaches in history just got even worse
A concept image of a hacker at work in a dark room.

New details have surfaced about what is reportedly one of the most critical breaches in internet history. As Tom's Hardware reports, a user who goes by the alias Fenice claims to have posted for free a more complete version of the allegedly stolen data from the background check company National Public Data and published it on a popular hacking forum.

On August 6, Fenice posted the data affecting 2.9 billion personal records and claimed that a distinct hacker named SXUL, not USDoD, caused the breach. While others had posted copies of the data before, none were apparently as complete as the one Fenice provided. Nonetheless, there are apparent problems with the data, including wrong Social Security numbers.

Read more