A massive computer hack may have compromised the Social Security numbers of every American, with a Florida company at the heart of the breach. According to the L.A. Times, a hacking group claimed to have stolen the data, placing almost three billion individual records for sale on the dark web.
Engadget, citing Bleeping Computer, reported that the data consists of 2.7 billion records of personal information, including Social Security numbers and physical addresses of Americans.
It was stolen from a company called “National Public Data” out of Coral Springs, Florida. Those records are from the U.S., U.K., and Canada.
Who is behind the data theft?
a class-action lawsuit filed in federal court in Fort Lauderdale, Florida revealed that a hacking group called USDoD had stolen records from National Public Data (NPD). NPD provides personal information to employers, private investigators, and others conducting background checks.
According to a class action lawsuit , NPD obtained the data without consent, and the breach occurred sometime in April 2024.
Initially, USDoD sought to sell the stolen data for $3.5 million, but they have since released most of it for free on an online exchange for stolen personal information. The group claims to have 2.9 billion records containing personal data from individuals in the U.S., Canada, and the U.K.
The stolen data includes full names, addresses, dates of birth, phone numbers, and, for U.S. citizens, Social Security numbers.
“We offer people advice on how to protect themselves, but is this a losing battle?” cybersecurity expert Craig Agranoff said. “Unfortunately, it is, because hackers are often more skilled than we are. These could be 14-year-old kids in some foreign country just having fun.”
National Public Data has yet to formally notify individuals about the data breach.
