A significant data breach has occurred, exposing nearly 2.7 billion records of personal information, including Social Security numbers, names, and addresses of U.S. residents, on a hacking forum. The data was sourced from National Public Data, a company that compiles personal information for background checks and investigations. The leaked data, which includes both accurate and outdated records, was released after failed attempts to sell it for $3.5 million. The breach has sparked multiple class action lawsuits and raised concerns about identity theft and fraud.
This data breach involves two text files totaling 277GB of plaintext records. While not all the data is up-to-date, it still poses significant risks. Earlier samples of the leak included phone numbers and email addresses, which were not present in this most recent dump. Some individuals have reported that their Social Security numbers were associated with unknown people, indicating inaccuracies in the data.
Given the scale of the breach, it is likely that many U.S. residents have been affected. Those impacted are advised to monitor their credit reports for fraudulent activity and be vigilant against phishing attempts, as previous leaks included contact information like email addresses and phone numbers.
The breach has led to several class action lawsuits against the company operating as National Public Data, for failing to protect this sensitive information. The incident underscores the importance of robust data protection measures, especially when dealing with personal and sensitive information.
