You might be affected by one of the biggest data breaches ever and not even know it.
A recent class action lawsuit filed against Jerico Pictures Inc., a background check company that does business under the name National Public Data, claims that the company was breached by hackers earlier this year.
As a result, the lawsuit says, confidential data for 2.9 billion was exposed and stolen by a hacker group known as USDoD.
Making matters even worse, those affected by this cyberattack may not even know they could be involved. National Public Data reportedly gathers its data by scraping information about individuals from non-public sources without their knowledge or consent.
The exposed information contains varying details for nearly 3 billion people which include full names, former and current addresses, and Social Security numbers as well as personal data tied to family members and relatives who are both living and deceased.
This breach was previously unknown to the public. It's unclear when exactly the breach occurred. Named plaintiff Christopher Hofmann says he only became aware of the issue when an identity theft protection service notified him in July that his personal information had been compromised and leaked on the dark web.
The group posted a "National Public Data" database containing the leaked information on a dark web hacking forum in April, and sought $3.5 million from a potential buyer.
Just last month, Mashable reported on RockYou2024, another large data leak which saw nearly 10 billion users' password credentials being exposed. However, that data was an updated compilation of previous leaks and breaches from years earlier.
With billions exposed, the National Public Data breach appears to be one of the biggest single data breaches ever, seemingly rivaled only by Yahoo's 2013 data breach which affected 3 billion accounts.
Mashable has reached out to National Public Data for comment and will update if we hear back.
Topics Cybersecurity