New details have surfaced about what is reportedly one of the most critical breaches in internet history. As Tom’s Hardware reports, a user who goes by the alias Fenice claims to have posted for free a more complete version of the allegedly stolen data from the background check company National Public Data and published it on a popular hacking forum.
On August 6, Fenice posted the data affecting 2.9 billion personal records and claimed that a distinct hacker named SXUL, not USDoD, caused the breach. While others had posted copies of the data before, none were apparently as complete as the one Fenice provided. Nonetheless, there are apparent problems with the data, including wrong Social Security numbers.
There is still no official information about whether anyone in the U.S. is affected, but BleepingComputer has received confirmation from many individuals that the breach compromised their and their families’ data. It also checked that the data contained previous addresses, which indicates that the hackers took the data from an old backup.
The breach first surfaced in a class-action lawsuit sourced by Bloomberg Law. Nonetheless, National Public Data, also known as Jerico Pictures, has still not officially confirmed the breach or detailed how it happened. Therefore, all new information needs to be taken with skepticism. Many users were unaware that the company possessed such information in the first place, and according to the lawsuit, NPD supposedly scraped data from non-public sources to conduct personal background checks.
The lawsuit also accused NPD of various charges, including breaches of fiduciary duty, unjust enrichment, and more.
