A staggering data breach has hit National Public Data (NPD), a background-checking service owned by Jerico Pictures, compromising personal information of almost three billion individuals. The breach, revealed through a class-action lawsuit filed recently, reportedly occurred in April 2024. Despite the gravity of the situation, neither NPD nor Jerico Pictures has officially confirmed the attack.
Previously, the Yahoo breach of 2013 was known as the largest data breach, affecting three billion accounts and involving the theft of personal details such as names and email addresses. However, the scope of the NPD breach could be equally severe, potentially impacting as many people. NPD, based in Coral Springs, Florida, collects data from non-public sources, which means many individuals likely had their information compromised without their direct consent.
Details of the Compromise
The leaked data includes sensitive information such as Social Security numbers, addresses spanning several years, full names, and details about relatives. According to the lawsuit filed in the U.S. District Court for the Southern District of Florida, this data was likely stored without proper security measures. The breach became public after the lawsuit alleged negligence and failure to protect data adequately. Victim Christopher Hofmann was notified by his identity theft protection service on July 24, 2024, that his information was found on the Dark Web.
The lawsuit claims that on April 8, 2024, the criminal group USDoD posted a database named “National Public Data” on a Dark Web forum called “Breached.” This group claimed to possess data on approximately 2.9 billion individuals and was selling it for $3.5 million. Such vast amounts of compromised data pose a significant threat, potentially fueling identity theft and fraud.
Impact on Identity Protection
The breach underscores the limitations of traditional identity theft protection services. While these services typically offer account monitoring and alerts, they cannot prevent initial breaches. The NPD incident highlights how personal data can be compromised despite individuals’ best efforts to protect it. The breach serves as a stark reminder of vulnerabilities in the data handling practices of third-party companies.
Expert Recommendations
Odysseas Papadimitriou, CEO of WalletHub, stresses the importance of advanced identity protection measures. “With the rise of massive data breaches, it is crucial to invest in services that go beyond basic credit monitoring,” Papadimitriou advises. “Look for services that offer continuous surveillance of your bank accounts, mailing address, and the Dark Web to detect identity theft early.”
How to Protect Your Data
Following the NPD breach, WalletHub suggests several steps to safeguard your personal information:
– 24/7 Credit Monitoring: Enroll in services that provide real-time alerts for any changes to your credit report.
– Two-Factor Authentication: This extra security layer helps protect your accounts from unauthorized access.
– Be Wary of Phishing: Avoid responding to unsolicited requests for your personal details.
– Regular Account Reviews: Regularly check your credit card and bank statements for unusual activity.
– Secure Debit Card Transactions: Use PINs or signatures for added verification.
– Freeze Your Credit Reports:Â Prevent third parties from accessing your credit reports without your permission by freezing them. This measure can deter identity theft by blocking new accounts in your name.
The NPD data breach is a significant reminder of the risks associated with data collection and storage practices. As individuals and companies navigate the aftermath, it’s essential to stay vigilant and adopt comprehensive measures to protect personal information. This incident also highlights the need for stricter regulations and better security practices to safeguard sensitive data in an increasingly digital world.