Given all of the major news events that have dominated headlines this summer, you’d be forgiven for missing yet another: reports that a massive data breach may have disclosed billions of details, including names, social security numbers, and addresses.
National Public Data (NPD), a background-check data aggregator based in Coral Springs, Florida, recently admitted on its website that “a data security incident”—which was “believed to have involved a third-party bad actor” in December 2023—led to data leaks in April of this year. Bloomberg Law reports that 2.9 billion documents were leaked and then sold on the dark web for $3.5 million.
Moreover, in recent days, it has become clear that the leak may be worse than previously thought. Brian Krebs, a cybersecurity investigative researcher, revealed on his KrebsOnSecurity website this week that National Public Data exposed its own credentials as part of the breach.
“KrebsOnSecurity has learned that another NPD data broker which shares access to the same consumer records inadvertently published the passwords to its back-end database in a file that was freely available from its
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.
This article has been indexed from CySecurity News – Latest Information Security and Hacking Incidents
Read the original article: