2.9 Billion Records, Including Millions of Social Security Numbers Leaked as Background Checker Suffers Massive Data Breach
Today at 03:38 PM
National Public Data (NPD) sources personally identifiable data from public and court records as well as other repositories to provide online background checks and fraud prevention services. The company confirmed several weeks ago that it suffered a data breach involving 2.9 billion records dating back at least three decades. According to a class action lawsuit filed by Schubert, Jonckheer & Kolber in early August, the data hack included millions of Social Security numbers (SSN) and other personal information like names, email addresses, and phone numbers. The leak allegedly occurred in April, around the same time the stolen information was put up for sale for $3.5 million by the cybercriminal group USDoD on the dark web.
Although NPD has been working with investigators to enforce more robust security measures, leaked Social Security numbers can be grossly misused by threat actors to file fake tax returns, make investments or apply for loans and credit cards in your name. The consequences can be unforeseen tax liabilities or outstanding debt in your credit profile. Furthermore, a poor credit score impacts your chances of securing loans, low-premium insurance policies, renting an apartment, and even securing a job. Identity theft cases are rapidly surging in the US as cybercriminals use increasingly sophisticated methods, including synthetic identity theft tactics, to steal personal information for financial fraud. The Federal Trade Commission (FTC) disclosed that over half a million identity theft cases were reported in the first half of this year, where credit card fraud was the most prevalent type.
How To Check If Your SSN Data Was Exposed
Cybersecurity company Pentester.com developed a tool for instantly checking whether your SSN, date of birth, or other personal information was involved in the data breach. Pentester.com co-founder Richard Glaser thinks the security incident poses a significant risk to American citizens. To prevent misuse of SSNs, he even urged people to place a credit freeze on their credit reports with bureaus like TransUnion or Equifax, mainly because SSNs don't change. However, the Social Security Administration may issue you a new SSN in some cases if your current SSN is misused despite trying everything to prevent it.
Meanwhile, NPD recommends that consumers monitor their financial accounts and credit reports for unauthorised activity. Credit reporting platforms like Credit Sesame allow you to check your credit score and set fraud alerts for free. While placing a fraud alert on your credit report can help you report suspicious loan inquiries or account entries, WalletHub CEO Odysseas Papadimitriou thinks a credit freeze is better. "A fraud alert is more of a heads up to lenders, which they can easily ignore. It doesn't do much in practice," Papadimitriou told USA Today. "A freeze, on the other hand, stops fraud in its tracks by preventing identity thieves from opening accounts in your name." He explained that these steps are necessary because the leaked data is likely with the hackers.
Things To Keep In Mind Before Freezing Credit Profile
A credit freeze will prevent identity theft attempts by preventing credit reporting agencies from sharing your credit report data with any lender or person requesting the information. This way, you can prevent new credit accounts from being opened in your name. The credit freeze facility is free and doesn't impact your credit score, but you must contact each reporting agency individually to issue or lift a freeze. Furthermore, a credit freeze will remain in place indefinitely, so you must plan ahead and request a temporary lift on the freeze every time you want to open a new credit account.
