At least two websites have been set up to allow Americans to check if they’ve been compromised.
After a data protection company confirmed that numerous Social Security numbers were hacked, several websites have appeared this week allowing people to check if they’ve been compromised in the data breach.
A lawsuit filed in a Florida court against National Public Data alleged that cybercrime organization USDoD hacked the firm and that hackers then put the database for sale on the dark web for $3.5 million. The suit claimed that about 2.9 billion records, including names and Social Security numbers, span at least the last three decades.
The plaintiff, listed as Christopher Hoffman on behalf of others affected, has accused National Public Data of failing to “properly secure and safeguard the personally identifiable information that it collected and maintained as part of its regular business practices.”
National Public Data, in a letter and in an online statement, confirmed a data breach, although it did not say that 2.9 billion records were compromised. In a filing with the Maine Attorney General’s office, the firm said that 1.3 million people were potentially exposed.
“The incident is believed to have involved a third-party bad actor that was trying to hack into data in late December 2023, with potential leaks of certain data in April 2024 and summer 2024,” stated the letter from National Public Data, a background check company.
It further confirmed that personal information such as Social Security numbers, mailing addresses, email addresses, names, phone numbers, and other data were compromised in the incident.
And in an undated statement published last week on its website, the firm confirmed the data breach and advised consumers that they should try to mitigate any potential harm associated with Social Security numbers being used for nefarious purposes. That included contacting the three major U.S. credit reporting agencies, Equifax, TransUnion, and Experian, to get a credit report.
How to Check
Since details of the incident surfaced this month, at least two third-party websites have been established to tell whether one’s Social Security number has been compromised in the breach.
One is operated by Pentester, a cybersecurity testing service, which allows a person to type their first name, last name, state, and date of birth.
