It hasn’t even been officially announced and it doesn’t look like one is coming any time soon. But thanks to an angry victim who has filed a class action lawsuit, at least the latest data breach is being revealed. The personal data of 2.9 billion people, which includes full names, former and complete addresses going back thirty years, Social Security Numbers, and more, was stolen from National Public Data by a cybercriminal group that goes by the name USDoD. The complaint goes on to explain that the hackers then tried to sell this huge collection of personal data on the dark web to the tune of $3.5 million. A bargain price. Not even a penny for every stolen identity. $.0012 to be exact. Your life may have been ruined for practically free.
The scale of this breach is staggering, potentially affecting nearly 40% of the world’s population. National Public Data has been scraping data from web sites and other sources online. A fun little technique that pulls information out of a website and puts it into a spreadsheet. Scraping is legal on data that is publicly available on the internet. But it appears that NPD has been scraping personally identifiable information (PII) of billions of people from non-public sources. And it also looks like NPD didn’t protect the data very well either. Overscraped and underprotected.
One of the victims, Christopher Hoffman, first found out about the breach because he was using an identity theft protection service which notified him that his data was exposed and leaked on the dark web. In his class action lawsuit Hoffman is demanding that not only NPD securely dispose of all the personal identifying information it has acquired, but also compensate the victims, while implementing stricter security measures. Because it is still OK for companies to profit from scraping personal identifying information.
Shout out to Christopher Hoffman, for demanding protection of our personal identifying information.
Today’s Fraud of The Day is based on article “2.9 billion hit in one of largest data breaches ever — full names, addresses and SSNs exposed” published by MSN News on August 8, 2024.
Regardless of how careful you are online, your personal data can still end up in the hands of hackers—and a new data breach that exposed the data of 2.9 billion people is the perfect example of this.
As reported by Bloomberg, news of this massive new data breach was revealed as part of a class action lawsuit that was filed at the beginning of this month. A complaint submitted to the US District Court for the Southern District of Florida claims the exposed personal data belongs to a public records data provider named National Public Data, which specializes in background checks and fraud prevention.
