A surge of lawsuits has ensued after millions of Social Security numbers were exposed in a significant data breach.
At a Glance
- National Public Data confirms a data breach, exposing millions of Social Security numbers.
- The hacking group USDoD claims theft of personal records of 2.9 billion individuals.
- National Public Data has not formally notified those affected.
- House Committee is investigating the cyberattack.
Data Breach Details
National Public Data has confirmed a data breach executed by hackers that resulted in the exposure of millions of Social Security numbers and other sensitive personal information. The breach is linked to a hacking attempt in late December 2023. The stolen data includes names, email addresses, phone numbers, Social Security numbers, and postal addresses.
According to reports, the hacking group USDoD claimed responsibility for the breach and alleged that they had stolen the personal records of 2.9 billion individuals from National Public Data. They initially offered the data for $3.5 million and later released a significant portion of it for free on an online marketplace.
Company Response and Legal Actions
National Public Data has yet to formally notify those affected by the breach. Instead, the company has purged its database and claims to have deleted any non-public personal information. Despite these measures, the lack of transparency has raised significant concerns.
A class action lawsuit was initiated on August 1, 2024, in the Southern District of Florida against National Public Data. The suit alleges that the company failed to prevent the breach and allowed unencrypted personal information to be stolen and posted online.
House Committee on Oversight and Accountability Chairman James Comer and Subcommittee on Cybersecurity, Information Technology, and Government Innovation Chairwoman Nancy Mace are investigating the breach. They have criticized the company for its lack of transparency and demanded a briefing by August 30, 2024.
Impact and Recommendations
Experts warn that scammers may exploit the exposed data for SIM swaps and port-out fraud to hijack phone numbers. They recommend placing a freeze on credit files at major bureaus to prevent new accounts from being opened in one’s name. Affected individuals can check if their information was involved through services provided by cybersecurity firm Pentester.
In the words of Odysseas Papadimitriou, CEO of WalletHub, “Names, addresses and phone numbers might change, but your Social Security number doesn’t.” This breach highlights the paramount importance of data security and transparency.
Millions of Social Security numbers and billions of records were leaked https://t.co/gno0tLXcoe
— San Francisco Business Times (@SFBusinessTimes) August 22, 2024
Sources
- National Public Data Confirms Breach Exposing Social Security Numbers
- Hackers may have stolen the Social Security numbers of every American. Here’s how to protect yourself
- Comer & Mace Open Probe into National Public Data Breach Exposing Millions of Americans’ Personal Information
- Social Security numbers could have been compromised in what could be the biggest data breach ever
- ‘A Wake-Up Call’: Experts Assess Impact of SSN Data Breach Case
- National Public Data confirms massive data breach included Social Security numbers
- Credit firm Equifax says 143m Americans’ social security numbers exposed in hack
- Class action suit reveals major data breach, exposing Social Security Numbers
- France: 33 Million Social Security Numbers Exposed in Health Insurance Hack
- AT&T data breach exposes 73m customers’ information, sparks lawsuits