A major data breach of an estimated 2.9 billion records has been revealed as part of a Floridian class action complaint.
The hacking group USDoD sourced the massive database after they infiltrated National Public Data, an information broker that conducts API searches for background checks.
The compromised information includes decades' worth of names, addresses, Social Security numbers and information linking relatives.
The massive database was priced at $3.5 million and first seen online in April 2024. The contents were later verified to be at least semi-genuine.
Since the initial leak, multiple threat actors have released partial versions of the data. As of August 6th, the largest amount of data was posted publicly, completely free, on the hacking forum ‘Breached’. However, this is yet to be verified, as the poster claimed this leak came from a threat actor called ‘SXUL’ rather than USDoD.
This data totals 228GB and includes almost 2.7 billion plaintext records. Whilst full analysis of the data has not yet begun, users on the forum have confirmed that it included legitimate information about themselves and their families, including deceased family members.
Who is USDoD?
USDoD is a threat actor or cybercriminal gang that has claimed responsibility for the massive Social Security number data breach.
They have a reputation for involvement in leaking databases of personal information. Their previous attacks have included major companies like Airbus as well as government entities like the US Environmental Protection Agency.
What to do if your data is in the Social Security numbers data breach?
If you’re an American citizen, unfortunately, the chances are that your personal information has been leaked in this data breach.
According to the current lawsuit, affected parties have not yet been notified of the breach by National Public Data or any related companies, though it is likely that we will see an update on this from the National Public Data team as the story develops.
Although this can be distressing, there are steps you can take to mitigate any negative impact.
Monitor your financial accounts regularly, which is good general practice. Keep an eye out for any unusual activity on your bank statements. If you notice anything suspicious, report it to your bank immediately.
Be vigilant about potential phishing emails. Scammers might use the breach as a pretext, sending emails that pretend to be related to it. These emails attempt to trick you into clicking on dangerous links.
Although it is not likely any passwords have been leaked, it is always good practice to update your passwords and keep each one unique.
Answers to authentication questions, such as your mother's maiden name or the street name of your first house, may be detailed in the breach, so ensure that you set up multi-factor authentication (MFA) on your accounts.
MFA requires you to provide two or more pieces of evidence to verify your identity when you log in. Even if threat actors have been able to access your verification information, they will not be able to log in without further authentication.
You might also consider employing credit monitoring services. These tools continuously track your credit reports for any suspicious activity, including new accounts opened in your name, changes in your credit score, or unusual credit inquiries.