2.9 Billion Hit in One of the Largest Data Breaches Ever
upstart writes:
2.9 billion hit in one of the largest data breaches ever:
Regardless of how careful you are online, your personal data can still end up in the hands of hackers-and a new data breach that exposed the data of 2.9 billion people is the perfect example of this.
As reported by Bloomberg, news of this massive new data breach was revealed as part of a class action lawsuit that was filed at the beginning of this month. A complaint submitted to the US District Court for the Southern District of Florida claims the exposed personal data belongs to a public records data provider named National Public Data, which specializes in background checks and fraud prevention.
The personal data of 2.9 billion people, which includes full names, former and complete addresses going back 30 years, Social Security Numbers, and more, was stolen from National Public Data by a cybercriminal group that goes by the name USDoD. The complaint goes on to explain that the hackers then tried to sell this huge collection of personal data on the dark web to the tune of $3.5 million. It's worth noting that due to the sheer number of people affected, this data likely comes from both the U.S. and other countries around the world.
Here's everything we know so far about this massive data breach along with some steps you can take to stay safe if your personal information was exposed online.
So how does a firm like National Public Data obtain the personal data of almost 3 billion people? The answer is through scraping which is a technique used by companies to collect data from web sites and other sources online.
What makes the way National Public Data did this more concerning is that the firm scraped personally identifiable information (PII) of billions of people from non-public sources. As a result, many of the people who are now involved in the class action lawsuit did not provide their data to the company willingly.
According to the complaint, one of the plaintiffs who resides in California first found out about the breach because he was using one of the best identity theft protection services which notified him that his data was exposed and leaked on the dark web.
As part of the class action lawsuit, this plaintiff is asking the court to have National Public Data securely dispose of all the personal information it acquired through scraping. However, he also wants the firm to compensate him and the other victims financially while implementing stricter security measures going forward.
With full names, addresses and Social Security Numbers in hand, there's a lot that hackers can do with this information, especially when it was made available for sale on the dark web.
Read more of this story at SoylentNews.