According to a recent filing and class action lawsuit in the Southern Florida US District Court. An information Services Company, National Public Data (NPD) is being sued after, the company, which collects and sells data, was hacked. The hacked resulted in the loss of 2.9 Billion Records containing Personally Identifiable Information (PII) which includes any data that can be used to identify a specific person.
According to the Court Filing, the PII was published and offered for sale/sold on the Dark Web by cybercriminals, on or about April 8, 2024. The criminal gang that stole information goes by the moniker of “USDoD.” The Plaintiff was notified by a credit monitoring service that his information was found on the Dark Web. The lawsuit was filed on August 1, 2024.
“USDoD” apparently gained access to Defendant’s network prior to April 2024 and was able to exfiltrate the unencrypted PII of billions of individuals stored on Defendant’s network (the “Data Breach”). The Criminals then posted the stolen database on the Dark Web Hacker forum named “Breached.”
VX-Underground, https://vx-underground.org/ an educational website about malware and cyber security, reported the following:
“April 8th, 2024, a Threat Actor operating under the moniker “USDoD” placed a large database up for sale on Breached titled: “National Public Data”. They claimed it contained 2,900,000,000 records on United States citizens.
They put the data up for sale for $3,500,000.523.To make matters worse, VX-Underground reported that they “were informed USDoD intends on leaking the database” and that they “requested a copy in advance to confirm the validity of the data.”
VX-Underground then “reviewed the massive file – 277.1GB uncompressed, and [confirm[ed] the data present in it is real and accurate.”
USDoD alleged to have the PII of approximately 2.9 billion individuals and offered the database for purchase at a price of $3.5 million.
Plaintiff had already received notifications from his identity theft protection service that his PII was compromised and found on the Dark Web as a direct result of the “National Public Data” Data Breach
0
According to several news sources it is believed that this breach is going to result in a lot of Identity Theft. The first thing people should do is go out to the three credit bureaus and freeze your account. The second thing to do is change all your passwords for accounts like credit cards, Amazon, Facebook, Linkedin, ect. On T-Mobile, Verizon, AT&T you need to protect your phone number from being stolen by going out and activating protections against Sim Swapping and Port-out Fraud. If you want to know if your information was breached go out to Pentester.