Andrew Orr
A massive lapse of security at National Public Data has resulted in the theft of a wide array of personal data — including social security numbers — for almost every American. You can't rewind time to prevent the theft, but there are ways to check if you've been exposed.
National Public Data, a company specializing in background checks, confirmed a significant data breach. Hackers infiltrated their database, stealing personal information like names, addresses, and SSNs. The 277GB database is now available for download on a notorious cybercriminal forum, making it a goldmine for identity thieves.
The breach is massive, with 272 million unique social security numbers and 600 million phone numbers. It's twice as large as the infamous Equifax breach in 2017.
How to check if you were affected
Two cybersecurity firms have stepped up to help people determine whether their personal information was exposed in the breach.
Atlas Privacy Data Corporation has created a website, npdbreach.com, which allows users to check if their SSN, phone number, or name and ZIP code are included in the breached database. The site doesn't store user searches, ensuring privacy while investigating.
NPDbreach.comThe company says 20% of breach records are legitimate but warns that not all information is accurate.
Another cybersecurity company, Pentester, has also launched a site at npd.pentester.com. The platform provides a more detailed view by revealing a user's redacted SSN, date of birth, complete address, and phone number.
While this can help users confirm whether the information is theirs, it also risks exposing partial data that others could exploit. Pentester notes that they've limited the data shown on the site to balance between providing useful information and protecting user privacy.
PentesterDespite the breach's magnitude, National Public Data only acknowledged 1.3 million users affected, which seems low given the leaked data.
To protect yourself, place a free credit freeze and fraud alert with the major credit bureaus — Equifax, Experian, and TransUnion. A freeze can prevent unauthorized people from opening new accounts in your name.
-m.jpg)
Wesley Hilliard
Malcolm Owen
William Gallagher
Sponsored Content
Christine McKee
Thomas Sibilly
17 Comments
Regarding the NPD Breach check. Maybe it's just me, but filling in an online form asking for my details and SS# doesn't feel comfortable.
I noticed that in the US you have to provide your SSN all the time.
Whereas in the Netherlands (as example) you log in through a secure system where other validated organizations can connect to (DigiD) and simply get a “SSN correct” or “SSN no match” result.
Correcting this national problem should be the responsibility of the federal government, not the individual victims. It is a the ID number from a federal program that has been stolen. It seems that in this case that the federal government has too little power, not too much.
MacPro said:
Do you have an SSN?
Agreed, but there’s an easier way to find out if you SSN has been stolen.
if you answered ‘yes,’ then it’s been stolen.