Cyber experts: Hackers already have your personal information
Leaked details from the alleged National Public Data breach could ignite a wave of identity theft.
Every American’s social security number may now be available on the dark web, according to a class-action lawsuit filed in U.S. District Court in Fort Lauderdale and first reported by Bloomberg Law.
The lawsuit describes an April 2024 data breach in which a hacking group by the name of USDoD claims to have stolen personal information on nearly 3 billion people from National Public Data, a company that provides individual background checks to prospective employers along with banks, insurers and service providers. The group reportedly offered to sell the information, which impacts people in the U.S., Canada and the U.K., before releasing it online for free.
National Public Data declined to comment publicly about the breach, according to the Los Angeles Times. However, if the event is as far-reaching as hackers claim, cybersecurity experts say it could ignite a wave of identity theft and should serve as a “five-alarm wake-up call.”
In addition to social security numbers, the leaked data potentially includes individual names, birth dates, email addresses and physical addresses. It’s enough for bad actors to “cause all kinds of chaos, commit all kinds of crimes [and] steal all kinds of money,” Teresa Murray, consumer watchdog director for the U.S. Public Information Research Group, told the Los Angeles Times.
There are insurance options to address identity theft, Bankrate reports: “Identity theft coverage home insurance is available from most major carriers as a rider or endorsement to a homeowners policy and a few include it in standard home policies. Identity theft coverage varies widely, from reimbursement of stolen funds to a host of services to help repair the financial damage.”
Such policies or riders may cover:
- Assistance of a fraud specialist
- Credit monitoring services
- Reimbursement of lost wages caused by taking time off from work to restore your credit or reclaim your identity
- Aiding with civil judgments, criminal charges, audits or hearings related to fraud perpetrated by the “imposter”
- Professional assistance in reclaiming your identity and restoring your credit
- Reimbursement of costs involved in replacing identification documents, such as a driver’s license, passport or Social Security card
- Reimbursement of audit and account application fees
- Reimbursement of attorney’s and court fees associated with civil judgments
Beyond insurance, cybersecurity experts recommend the following steps once an individual or business suspects they’ve been victimized by identity theft:
- Freeze credit files through all three major credit bureaus.
- Sign up for a credit-monitoring service for speedy account-activity alerts.
- Check out the free online cybersecurity tools that allow you to search the dark web for exposed personal information.
- Use strong and diverse online passwords.
- Take advantage of multifactor authentication.
- Never give out unsolicited personal information.
- Be on the lookout for strange-looking or sounding phishing emails or texts.
See also: