A massive data breach may have compromised an extensive collection of Social Security numbers and other confidential data affecting millions, potentially circulating through a hacker forum, according to a report from The Los Angeles Times this week.

The hacking group USDoD purportedly stole the private records of 2.9 billion people from National Public Data, as indicated in a class-action lawsuit lodged in U.S. District Court in Fort Lauderdale, Florida, according to Bloomberg Law. This incident reportedly occurred around April 2024, as detailed in the lawsuit.

Here’s essential information regarding the reported data breach.

What data was compromised in the breach?

The law firm Schubert, Jonckheer & Kolbe stated in a press release that the compromised file consists of 277.1 gigabytes of information, which includes names, address histories, family connections, and Social Security numbers that date back at least thirty years.

A cybersecurity expert recently shared on X (previously known as Twitter) that USDoD is allegedly attempting to sell the records of 2.9 billion individuals from the U.S., U.K., and Canada on the dark web for $3.5 million.

Since the initial sale announcement in April, other versions of the data have surfaced, as reported by Bleeping Computer, a cybersecurity news outlet.

A hacker using the alias “Fenice” disclosed the most comprehensive version of this data for free on a forum in August, as per Bleeping Computer’s report.

What is National Public Data?

National Public Data is a background check firm located in Florida, operating under Jerico Pictures, Inc. YSL News has reached out to the company for comment.

While the company hasn’t confirmed a data breach publicly, The Los Angeles Times stated that it informed individuals who inquired via email that “we are aware of certain third-party claims regarding consumer data and are investigating these matters.”

Steps to take if you believe your information is compromised

Money.com recommends the following actions:

• Ensure your antivirus software is current, and perform security checks across all your devices. If you discover malware, most antivirus solutions can remove it, though sometimes professional assistance may be required.
• Change your passwords across bank accounts, email, and other services you frequent. Make sure these passwords are strong and unique, incorporating a mix of uppercase, lowercase, numbers, and special characters. Avoid using easily guessable personal information.
• If available, enable multi-factor authentication for your accounts to confirm your identity during logins.
• Review your credit report; report any unauthorized activity on your credit cards. If you spot suspicious transactions, you can request a credit freeze from credit bureaus.
• Exercise caution with your email and social media accounts, as well as be vigilant against phishing attempts, which aim to deceive you into revealing personal information.