Data Breach: 3 Billion National Public Data Records with SSNs Dumped Online

Data Breach: 3 Billion National Public Data Records with SSNs Dumped Online

National Public Data, a service by Jerico Pictures Inc., suffered a massive breach. Hacker “Fenice” leaked 2.9 billion records with personal details, including full names, addresses, and SSNs in plain text. The breach poses significant risks for identity theft and financial fraud. Jerico Pictures Inc. faces potential lawsuits and legal challenges due to the incident.

A hacker using the alias “Fenice” has leaked what they claim is a treasure trove of 2.9 billion records (including duplicate data) belonging to National Public Data. This API firm specializes in criminal records and background check services and is owned and operated by Jerico Pictures Inc.

The data, which has been leaked to Breach Forums—a notorious cybercrime and hacker platform—has been divided into two links, totaling a whopping 277GB worth of information.

It is worth noting that initially, National Public Data made headlines back in April 2024 when a hacker using the alias “sxul” claimed to have breached the company and put the database on sale for $2 million. Days later, the USDoD hacker, known for breaching the FBI’s security platform InfraGard, provided their services to “sxul” and offered the data to interested parties for $3.5 million.

It is unclear whether the duo successfully sold the data, but Jerico Pictures Inc. is already facing a massive lawsuit over the breach. Meanwhile, some users aware of the incident are already taking to Reddit to reveal the misuse of their Social Security Numbers (SSNs).

An unsuspected victim of data breach at the National Public Data (Screenshot credit: Hackread.com)

What’s in the leak?

The Hackread.com research team managed to analyze the data and found that it contained personal details of unsuspecting users, including full names, addresses, cities, counties, states, ZIP codes, and Social Security Numbers (SSNs) in plain text.

Here’s a full breakdown of the leaked data, in which we have replaced the original PII data with ABC and SSN with 000000000:

ID: 10
First Name: ABC
Last Name: ABC
Middle Initial: (missing)
Suffix: (missing)
Address Line 1: ABC
City: ANCHORAGE
County: ANCHORAGE
State: AK (Alaska)
ZIP Code: ABC
Additional Fields: (various missing or empty fields)
SSN: 000000000

The data contains:

An identifier (ID) for the record.
Personal details: First name and last name.
Address details: Address line, city, county, state, and ZIP code.
Social Security Number (SSN).

The data breach at National Public Data is potentially one of the largest and most significant cybersecurity incidents in recent years. Previously, the Yahoo data breach impacted 3 billion users, setting a precedent for large-scale data compromises.

The latest breach poses a major threat to Americans as it includes plaintext SSNs, which are critical identifiers used for various financial and governmental transactions. In the wrong hands, these SSNs are highly susceptible to abuse by identity scammers, making the breach a significant security risk.

Data Breach: 3 Billion National Public Data Records with SSNs Dumped Online
Fenice on Breach Forums (Screenshot credit: Hackread.com)

With access to these Social Security Numbers (SSNs), cybercriminals can commit identity theft, open fraudulent credit accounts, secure loans, and even file false tax returns. This can lead to considerable financial loss, damaged credit scores, and prolonged legal and administrative battles for victims to reclaim their identities and rectify fraudulent activities.

Moreover, the lifelong nature of the SSN means that these risks can persist indefinitely, causing long-term vigilance and potential financial instability for those affected.

The data leak has put Jerico Pictures Inc. in a situation where the company might face additional lawsuits and other legal challenges. Hackread.com has reached out to National Public Data for comment. Stay tuned!

  1. Cyber Security firm exposes 5 billion+ login credentials
  2. 2.7 billion email addresses, plain-text passwords exposed
  3. Yahoo hacked; More than 1 billion user accounts impacted
  4. A Trove of 1.4 Billion Clear Text Credentials Leaked on Dark Web
  5. Anti-Public Combo List with Billions of Accounts Sold on Dark Web
Total
3
Shares
1 comment
  1. When you go to the NPD opt-out page (https://nationalpublicdata.com/optout.html) they offer the ability to have your data deleted IF you live in a state that has laws in place to require the right to be deleted. If you don’t you are technically out of luck. To make it more difficult they don’t provide you the form, but will email it to you after you make a request to a sales email address.

Comments are closed.

Related Posts