National Public Data (NPD), a background check company owned by Jerico Pictures Inc., has confirmed that it was the target of two major cyberattacks this year, leading to the potential compromise of billions of personal records. The breach, which was first detected in April, allegedly exposed sensitive information, including Social Security numbers, phone numbers, email addresses, and mailing addresses of individuals in the United States, Canada, and the United Kingdom. The data has reportedly been put up for sale on the dark web, sparking widespread concern and frustration among those affected.
Hackmanac, a cybersecurity firm, first raised alarms about the breach in April, claiming that around 2.9 billion records were being offered for sale. The breach has since led to a class-action lawsuit filed in the U.S. District Court for the Southern District of Florida. The lawsuit, which seeks to represent the potentially billions of victims, alleges that the stolen data was listed for sale by the cybercriminal group USDoD for $3.5 million.
NPD acknowledged the breaches in a public statement on its website, noting that it has cooperated with law enforcement and implemented additional security measures to prevent future incidents. However, the company did not specify the exact number of individuals affected. The breach has left many questioning the security of their personal information, as data breaches have become increasingly common. In the first half of 2024 alone, more than 1,500 data breaches were reported, impacting around 1 billion people, according to the Identity Theft Resource Center.
For those concerned about the security of their personal information, cybersecurity experts recommend immediate steps such as changing passwords, being cautious of phishing attempts, and considering identity theft protection services. While not every compromised record leads to identity theft, the risk of fraud and unauthorized access increases significantly with such breaches.
Expanded Coverage: