What Happened? A massive data breach has emerged, exposing nearly 2.7 billion personal records from individuals in Canada, the United Kingdom, and the United States. This incident is notable for the sheer scale of data revealed, potentially making it one of the largest breaches ever recorded.
Despite the enormity of this breach, many details remain unclear, including the exact number of people affected. This event underscores the challenges of safeguarding personal data in a digital era, highlighting issues related to data collection practices and unauthorized scraping of information from non-public sources.
The leaked data comprises sensitive details such as names, addresses, and Social Security numbers. It is believed that this information was taken from National Public Data (NPD), a company that collects and sells data for legitimate purposes under Jerico Pictures Inc. A lawsuit has been filed accusing NPD of scraping data from non-public sources without permission.
The lawsuit further alleges that NPD breached its fiduciary duties and gained unfair advantages. As of now, NPD has not confirmed the breach or provided specifics on how it occurred.
Initially, a hacker identified as USDoD claimed responsibility for the theft, attempting to sell the data for $3.5 million. USDoD is known for other breaches, including a previous attempt to sell InfraGard's user database for $50,000 in December 2023.
On August 6, a user named Fenice posted what is believed to be the most comprehensive version of the stolen data for free on a hacking forum, attributing the breach to another hacker, SXUL.
In response, a class action lawsuit was filed in Florida against NPD. This lawsuit refers to VX-Underground, a cybersecurity educational site, which reported that USDoD had listed the database for sale, claiming it contained 2.9 billion records. VX-Underground confirmed the data's authenticity after reviewing a 277.1GB file.
Despite these claims, there are inconsistencies, such as the discrepancy between the alleged number of records and global population data. The US population is under 1 billion, and the world’s population is around 8.07 billion, casting doubt on the actual number of affected individuals.
Verification efforts have faced obstacles. It remains uncertain if the leak includes data for every US citizen. While some individuals have verified their details, issues like incorrect Social Security numbers and outdated addresses suggest the data might come from an old backup. Furthermore, many people have multiple records, complicating the assessment of the breach's full impact.
In light of this breach, individuals are advised to monitor their credit reports for signs of fraud and stay alert for phishing attacks via email and SMS. The breach includes email addresses and phone numbers, increasing the risk of targeted scams.
:max_bytes(150000):strip_icc():format(webp)/alec-baldwin-torino-film-festival-121824-3cf7cfbe5c4f4bcbb9197de4de062ea6.jpg?strip=all&resize=370,370)
:max_bytes(150000):strip_icc():format(webp)/Jimmy-Fallon-and-Prince-Harry-092624-baa1362d743d4f39a7d60bf57eb6e8b2.jpg?strip=all&resize=370,370)
:max_bytes(150000):strip_icc():format(webp)/randy-moss-121324-40b858c71b0f40bfa399e2fe00152b2a.jpg?strip=all&resize=370,370)
:max_bytes(150000):strip_icc():format(webp)/scandal-kerry-washington-121824-c51a2b5f0ef741268474bec2498c285a.jpg?strip=all&resize=370,370)
