Data breaches continue to be a persistent issue without a simple solution, as evidenced by the recent breach of the background-check service National Public Data. This incident highlights the escalating dangers and complexity of such breaches. After months of uncertainty, National Public Data has finally confirmed the breach, coinciding with a large amount of stolen data being leaked online.
In April, a hacker known as USDoD started selling a data set on cybercriminal forums for $3.5 million. The data, said to include 2.9 billion records, purportedly affected “the entire population of the USA, CA, and UK.” As the weeks passed, samples of the data emerged, with researchers and other actors verifying its authenticity. By early June, it was confirmed that the data contained information like names, emails, and physical addresses.
Although the data’s accuracy varies, it appears to consist of two main sets. One contains over 100 million legitimate email addresses along with other personal information. “There appears to have been a data security incident that may have involved some of your personal information,” National Public Data announced on Monday. “The incident is believed to have involved a third-party bad actor who attempted to access data in late December 2023, with potential leaks occurring in April 2024 and summer 2024. The breached information includes names, email addresses, phone numbers, Social Security numbers, and mailing addresses.”
This article has been indexed from CySecurity News – Latest Information Security and Hacking Incidents
Read the original article: