National Public Data Breach: In a shocking revelation, nearly 3 billion individuals had their data leaked during a cyber attack targeting National Public Data (NPD), a background-checking service also known as Jerico Pictures 1. This breach, which surfaced when a proposed class action lawsuit was filed two days ago, is one of the biggest in history, surpassing even the infamous Yahoo data breach of 2013.
NPD, a company headquartered in Coral Springs, Florida, is a background checking service that scrapes personally identifiable information (PII) of individuals from non-public sources. The leaked data includes Social Security numbers, current and past addresses spanning decades, full names, information about relatives, and more.
The breach became public when a lawsuit was filed against NPD alleging negligence, unjust enrichment, and breaches of fiduciary duty and third-party beneficiary contract. The lawsuit claims that on April 8, 2024, a criminal gang called USDoD posted a database entitled “National Public Data” on a Dark Web hacker forum called “Breached,” offering the database for purchase at a price of $3.5 million.
Security leaders have weighed in on the significance of this breach. Kiran Chinnagangannagari, Chief Product & Technology Officer at Securin, stated, “This breach not only underscores the profound risks posed by mass data aggregation but also shines a harsh light on the glaring gaps in corporate responsibility when it comes to managing and communicating such incidents.”
Chris Hauk, Consumer Privacy Champion at Pixel Privacy, emphasized the need for stronger regulations to protect consumers’ data from being stored by data brokers against their will. Paul Bischoff, Consumer Privacy Advocate at Comparitech, echoed these sentiments, stating, “I hope the forthcoming class-action lawsuit will set a precedent that forces NPD and other background check companies to inform data subjects when their info is added to a database, limit web scraping, and allow data subjects to see, modify, and delete data.”
The NPD breach highlights the critical need for organizations to prioritize data security and implement robust cybersecurity practices. As the global average cost of a data breach continues to rise, reaching $4.35 million in 2022, it’s clear that the impact of such incidents extends far beyond financial losses.
In the wake of this breach, individuals are encouraged to take proactive steps to protect their identity and data. Identity theft protection plans that offer account monitoring, alerts, and restoration support may provide some remediation assistance. However, the best defense against data breaches lies in the hands of organizations themselves, who must prioritize data security and transparency in their operations.
As the world becomes increasingly digital, the need for stringent data protection measures has never been more pressing. The National Public Data breach serves as a stark reminder that complacency in the face of evolving cyber threats is no longer an option. It’s time for a renewed commitment to data security, one that prioritizes the protection of individuals’ personal information and holds organizations accountable for their actions.
Protecting Your Data After the National Public Data Breach
In light of the recent National Public Data breach, which exposed the personal information of nearly 3 billion individuals, it’s crucial for those affected to take immediate and effective measures to safeguard their data. Here are several steps individuals can take to minimize the risks associated with this significant data breach:
- Update Passwords: Immediately change passwords for all online accounts, particularly those associated with the breached service. Use strong, unique passwords for each account, ideally at least 12 characters long, incorporating a mix of letters, numbers, and symbols.
- Use a Password Manager: Consider utilizing a password manager to generate and store complex passwords securely, reducing the temptation to reuse passwords across multiple sites.
Enable Two-Factor Authentication (2FA)
- Add an Extra Layer of Security: Wherever possible, enable two-factor authentication on your accounts. This requires not just a password but a second form of verification, such as a code sent to your mobile device, making it significantly harder for unauthorized users to gain access.
Monitor Financial Accounts and Credit Reports
- Stay Vigilant: Regularly check your bank and credit card statements for any unauthorized transactions.
- Request Credit Reports: Obtain your free annual credit report from the three major credit bureaus (Equifax, Experian, and TransUnion) to monitor any unusual activity or new accounts opened in your name.
Consider Identity Theft Protection Services
- Evaluate Options: Look into identity theft protection services that can monitor your personal information across the web and alert you to potential misuse. Some companies may offer complimentary credit monitoring services to those affected by the breach.
Freeze Your Credit
- Prevent New Accounts: If you are particularly concerned about identity theft, consider placing a credit freeze with the major credit bureaus. This prevents new accounts from being opened in your name and can be lifted when you need to apply for credit.
Stay Informed
- Follow Updates from NPD: Keep an eye on communications from National Public Data regarding the breach. They may provide additional information on the extent of the breach and further steps you can take to protect yourself.
- Utilize Government Resources: Visit IdentityTheft.gov for resources and guidance on what to do if your personal information has been compromised.
By taking these proactive measures, individuals can better protect themselves from the potential fallout of the National Public Data breach and reduce the risk of identity theft and financial loss. Staying informed and vigilant is key to navigating the aftermath of such a significant data security incident.