Excerpt from The Cyber Express Article, Published on Aug 07, 2024.
A class-action lawsuit accuses National Public Data of a massive data breach, exposing personal information of nearly 3 billion people, including names, addresses, and SSNs. The breach, allegedly caused by a security lapse, has led to the sensitive data being released on the dark web by a threat actor known as “USDoD.” This incident could surpass the infamous 2013 Yahoo breach, marking it as one of the largest cybersecurity breaches in history.
The lawsuit, filed in the US District Court for the Southern District of Florida by California resident Christopher Hofmann, claims National Public Data’s data scraping practices led to the exposure of vast amounts of sensitive information from non-public sources without consent. This includes full names, addresses spanning 30 years, Social Security Numbers, and information about relatives.
The lawsuit demands that National Public Data purge the personal information of all affected individuals, encrypt all collected data, and implement stringent cybersecurity measures. These measures include segmenting data, conducting database scans, implementing a threat-management program, and appointing a third-party assessor to evaluate its cybersecurity frameworks annually for 10 years.
As the legal proceedings unfold, affected individuals are advised to monitor their credit reports, enable credit freezes, consider identity theft protection services, and change passwords to safeguard against potential misuse of their personal information.
National Public Data has not yet issued an official statement regarding the breach, which continues to raise significant concerns over data security and privacy.
To delve deeper into this topic, please read the full article on The Cyber Express.
