The Los Angeles Times reported this week that a data breach could have given hackers a trove of sensitive information, including millions of people’s Social Security numbers, which they then published on an online marketplace.
A class action lawsuit filed in U.S. District Court in Fort Lauderdale, Florida, claims that the hacking group, known as the “United States Department of Defense,” stole personal information of 2.9 billion people from the nation’s public database, Bloomberg Law reported. The breach is believed to have occurred around April, according to the lawsuit.
Here’s what you need to know about the alleged data breach.
Social Security Hack: National Public Data confirms massive data breach involving Social Security numbers
What information is included in a data breach?
The stolen files contained 277.1 gigabytes of data, including names, address histories, relatives and Social Security numbers going back at least 30 years, class action law firm Schubert, Jonckher & Kolbe said in a news release.
A post by a cybersecurity expert on X (formerly Twitter) claims that the US Department of Defense is selling 2.9 billion records of US, UK and Canadian citizens on the dark web for $3.5 million.
Since the information was put up for sale in April, other people have published different copies of the data, according to Bleeping Computer, a cybersecurity and technology news site.
A hacker known as “Fenice” leaked the most complete version of the data for free on a forum in August, Bleeping Computer reported.
The news you need to start your day smart. Sign up for USA TODAY’s Daily Briefing newsletter.
COLA 2025: Inflation will reduce estimates, but high everyday expenses will still be a burden for seniors
What is National Public Data?
National Public Data is a Florida-based background check company operated by Jericho Pictures, Inc. USA TODAY has reached out to National Public Data for comment.
The company has not publicly acknowledged the data breach, but the Los Angeles Times reported that it told people who contacted it via email that it is “aware of certain allegations from third parties regarding consumer data and is investigating these matters.”
What to do if you think your information has been stolen
If you believe your information has been stolen or exposed on the dark web, there are steps you can take to prevent fraud and identity theft.
Money.com recommends taking the following steps:
Make sure your antivirus software is up to date and run security scans on all your devices. If malware is found, most antivirus programs can remove it, but in some cases you may need professional help. Update your passwords for bank accounts, email accounts, and other services you use, making sure they are strong and different for each account. Never use personal information that a hacker could guess, including upper and lower case letters, numbers, and punctuation. Use multi-factor authentication on any account or service that offers it to verify that you are the person logging in. Check your credit report and report fraudulent use of your credit card. If you notice suspicious activity, you can ask the credit reporting agencies to place a freeze on your credit. Be careful with your email and social media accounts, and be wary of phishing (attempts to steal personal information by misrepresenting the sender of a message or email).
Source link