National Public Data Confirms Major Data Breach Exposing Social Security Numbers
National Public Data, a company based in Coral Springs, Florida, that aggregates data for background checks, has confirmed a significant data breach that exposed Social Security numbers and other personal information of millions of Americans.
In a notice posted on its website, the company acknowledged that "a data security incident may have involved some of your personal information." The breach is believed to have been initiated by a third-party hacker in late December 2023, with potential leaks occurring in April and summer 2024.
The breach came to light through a class action lawsuit filed in U.S. District Court in Fort Lauderdale, Florida, and was first reported by Bloomberg Law. According to the law firm Schubert, Jonckheer & Kolbe, which filed the suit, the breach involved 2.9 billion records, including names, addresses, Social Security numbers, and information about relatives, with data going back at least three decades.
NPD confirmed that the compromised data included names, email addresses, phone numbers, mailing addresses, and Social Security numbers. The company is cooperating with investigators and has implemented additional security measures to prevent future breaches and protect its systems.
To check if your Social Security number and other data were compromised, cybersecurity firm Pentester has created a tool that shows names, addresses, address histories, and Social Security numbers from the breach. This tool is available on their website.
Pentester.com co-founder Richard Glaser advised freezing credit reports, noting that while names, addresses, and phone numbers may change, Social Security numbers do not. The availability of such sensitive information to threat actors poses a serious risk, particularly as financial institutions use Social Security numbers for loan applications, credit cards, and investments