Millions of Americans are at risk after hackers seized access to their personal data, including their Social Security numbers, according to a new lawsuit filed by one of the victims.
hacker over a screen with binary code. (Shutterstock/adike)
A hacker group known as USDoD posted a database titled “National Public Data” on a dark web forum on April 8th, claiming to contain the personal data of nearly 3 billion individuals, according to an article by Bloomberg Law.
The group set the price at $3.5 million for this treasure trove of information. The scope of this breach, if confirmed, would rival the infamous 2013 Yahoo! hack, which compromised the data of approximately 3 billion users, Bloomberg reported.
The stolen data includes Social Security numbers, full names and addresses dating back decades.
Additionally, it contains details about relatives, some of whom have been deceased for nearly 20 years, one of the victims alleged. National Public Data did not immediately respond to requests for comment, leaving millions of Americans in the dark about the fate of their personal information, according to a complaint filed in the US District Court for the Southern District of Florida.
The named plaintiff, Christopher Hofmann, a resident of California, was notified on July 24 by his identity-theft protection service that his data had been exposed in the breach and leaked on the dark web, according to the outlet. Hofmann accuses National Public Data of negligence, claiming the company failed to properly secure and safeguard the personally identifiable information (PII) collected, the outlet reported. (RELATED: Iranian Cyber Attacks Targeted Accounts Linked To Trump, Biden, Google Confirms)
The breach raises significant concerns about the security measures employed by companies that handle sensitive personal data. Despite the increasing frequency of cyber-attacks and data breaches, many organizations continue to fall short in implementing adequate security measures. The complaint suggests that National Public Data scraped PII from non-public sources without the knowledge or consent of the affected individuals, adding another layer of concern regarding data privacy.
Hofmann’s lawsuit seeks monetary relief, as well as a series of measures to ensure the future security of personal data. These include requirements for National Public Data to segment data, conduct regular database scans, implement a threat-management program and appoint a third-party assessor to evaluate its cybersecurity frameworks annually for the next decade.
This breach underscores the importance of cybersecurity in today’s digital age. As more businesses collect and store vast amounts of personal data, the risk of such information falling into the wrong hands increases exponentially. The fallout from this breach is likely to be far-reaching, with millions of Americans now potentially exposed to the dangers of identity theft and other forms of cybercrime.