A lawsuit filed earlier this month claims that hackers stole the Social Security numbers of virtually all Americans.
The lawsuit hold that hackers gained access to the Social Security numbers, past and current addresses, names of siblings and parents, and other personal information of “billions of individuals”, this all according to a report by the Los Angeles Times published earlier this week.
According to Bloomberg Law, the lawsuit was filed by Christopher Hofmann of California who claims that his identity theft protection service alerted him that his personal information had been leaked to the dark web by the “nationalpublicdata.com” breach.
The breach allegedly occurred around April 2024. It is claimed that a hacker group called USDoD obtained the unencrypted personal information from National Public Data (NPD), a background check company based in Coral Springs, Florida.
Earlier this month, hackers leaked a version of the stolen NPD data on a hacking forum, according to tech site, Bleeping Computer. The hacker claimed that the files include 2.7 billion records, each one listing a person’s full name, address, date of birth, Social Security number and phone number.
According to the lawsuit, on April 8th of this year, USDoD posted a database called “National Public Data” on the dark web. They claimed it contained information on approximately 2.9 billion individuals. It was offering the information for $3.5 million dollars. Bleeping Computer later reported that those files were leaked for free on a separate hacker forum.
It’s unclear whether or not NPD alerted its customers about the breach, but the lawsuit claims it did not.
What you can do if you think hackers got a hold of your personal information.
If you believe your information has been stolen or has appeared on the dark web, here are some steps you can take to protect yourself from fraud or identity theft.
- Make sure your antivirus protection is up to date.
- Perform security scans on all your devices to detect any potential malware.
- Update your passwords. Make sure they different for every account. Include uppercase and lowercase letters, numbers and punctuation marks. Don’t use any personal information in your passwords.
- Use multi-factor authentication wherever possible.
- Check your credit report. Report any unauthorized use of your credit cards. If you notice any activity that concerns you or looks suspicious, ask the credit bureaus to put a freeze on your credit. Freezing your credit is free, and it will stop bad actors from taking out loans or opening credit cards in your name.
- Be mindful of your email and social media accounts and be on the alert for any phishing attempts.
- Enroll in a tracking service that will alert you if your data appears on the dark web.