Hackers may have stolen the Social Security numbers of every American from National Public Data, around 2.9 billion records
Security experts are alerting the public to a potential breach of a background check site, which may have led to the exposure of billions of Social Security and address records, potentially affecting every individual in the United States.
According to BleepingComputer, a hacking forum became active after a user claimed to possess a massive collection of documents from the data brokerage National Public Data (NPD).
NPD, which does not disclose its data collection methods on its website, is believed to gather information from publicly available records to create individual profiles typically used by private investigators or for background and criminal record checks.
The breach reportedly affects not only U.S. residents but also individuals in the United Kingdom and Canada. The alleged hack involves 2.9 billion files, said to include personal information from all three countries.
Initially, the cache was offered for sale at $3.5 million on hacker forums in April. Following this, portions of the data were shared for free on the hacker forum Breached, significantly increasing its spread online.
The compromised data includes extensive records linking names to Social Security numbers and addresses, and is said to also list potential aliases. BleepingComputer was unable to confirm if the breach truly affects every person in the U.S., UK, and Canada. However, the site’s reporters verified that some individuals' names, Social Security numbers, and addresses in the leaked data were accurate, though some current addresses were outdated. Others found their Social Security numbers associated with individuals who were not themselves.
It’s important to note, as BleepingComputer points out, that each record is linked to every address a person has lived at. Therefore, if you've moved frequently, your record from this breach could include multiple addresses associated with your name.