Massive Data Breach Exposes Personal Information of Billions, Lawsuit Claims

A staggering breach of sensitive information, including Social Security numbers, names, and addresses, is at the center of a new lawsuit, following claims that a hacking group has exfiltrated and released the personal data of billions of people. This alarming incident, potentially affecting the lives of millions, was first reported by The Los Angeles Times and has since captured nationwide attention.

The hacking group, known as USDoD, allegedly compromised the systems of National Public Data (NPD), a Florida-based background check company, stealing records of approximately 2.9 billion individuals. These records reportedly include names, Social Security numbers, address histories, and more, with data dating back over 30 years. The lawsuit, filed in U.S. District Court in Fort Lauderdale, Florida, suggests that this breach occurred around April 2024.

According to reports, USDoD initially sought to sell the stolen data on the dark web for a staggering $3.5 million. The dataset purportedly includes sensitive information from citizens of the U.S., U.K., and Canada. However, the situation took a darker turn when, in August, a hacker known as "Fenice" leaked a version of the data for free on a forum frequented by cybercriminals, further amplifying concerns about the potential misuse of this information.

The breach has not yet been officially acknowledged by National Public Data. In response to inquiries, the company has stated that it is "aware of certain third-party claims about consumer data" and is investigating the issue. However, this has done little to quell fears among the millions who may have been affected.

Christopher Hofmann, a California resident and one of the plaintiffs in the class-action lawsuit, claimed that he was alerted by his identity theft protection service that his personal information had been compromised in the breach. Hofmann and other affected individuals allege that NPD failed to notify them of the breach, leaving them vulnerable to identity theft and financial fraud.

The stolen data, which reportedly encompasses 277.1 gigabytes, includes highly sensitive information that could easily be exploited by fraudsters. The potential fallout is enormous, with affected individuals at risk of having their financial accounts infiltrated, loans taken out in their names, and other forms of identity theft.

Despite the gravity of the situation, National Public Data has not provided public confirmation of the breach. The company, which specializes in providing background checks for employers and investigators, holds a vast amount of personal information, making this breach one of the largest and most concerning in recent memory.

Security experts are urging individuals to take immediate action to protect their personal information. Recommendations include placing a freeze on credit files with major bureaus like Experian, Equifax, and TransUnion, enrolling in identity theft monitoring services, and using two-factor authentication for online accounts.

As the investigation continues, the full scope of the damage remains to be seen. For now, millions of people are left grappling with the potential consequences of having their most sensitive information exposed to the world.