Sensitive personal information belonging to every American, including their Social Security number, address, date of birth and phone number, was stolen online by hackers who put the information up for sale on the dark web, a lawsuit says. .
The class action was filed against Jerico Pictures Inc., a background check and fraud prevention company that does business as a national public record.
A cybercriminal group calling itself the USDoD uploaded a large database titled “National Public Data” to a dark web forum.
The database, which the group has offered for sale for $3.5 million, is said to contain the personal information of nearly 3 billion people living in the United States, United Kingdom and Canada, according to a federal lawsuit filed in Fort Lauderdale in August. 1.
Cybersecurity experts said that much of the stolen data is duplicates and that the actual number of people affected by the breach is likely to be smaller than claimed in the lawsuit.
News of the lawsuit was first reported by Bloomberg Law.
NPD reportedly collects data from public information sources, which it then uses to compile user profiles about people in the US and other countries.
According to the news site BleepingComputer, several individuals have confirmed seeing their and their family members’ legitimate information, including Social Security numbers and mailing addresses belonging to living and dead people.
The lawsuit was initiated by California resident Christopher Hofmann, who said an identity theft watchdog notified him earlier this summer that his data had been exposed in a breach and leaked onto the dark web.
Hofmann is asking NPD to purge its data of all personal information and to encrypt all data collected in the future.
He seeks unspecified monetary damages.
The Post has requested comment from the NPD.
How to know if your Social Security number has been leaked
Dr. Tommy Morris, a cybersecurity expert who teaches at the University of Alabama in Huntsville, recommended that Internet users visit this free website to determine if their data was hacked in the NPD breach.
Morris told The Post: “There are credit monitoring services available that monitor the Internet for references to your Social Security number and other personally identifiable information.”
While these services typically cost money, major credit bureaus, Google and others offer these services for free, according to Morris.
Cybersecurity experts are urging those who fear their social security number has been hacked to visit the website Have I Been Pwned.
Visitors to the site can enter their email address to see if their personal data has been leaked — though it’s unlikely to confirm whether your Social Security number is circulating on the dark web.
It is likely that some of your personal data has appeared on secret websites that cybercriminals use to traffic and trade information.
How to raise your social security number
The safest way to protect yourself is to freeze your credit files.
“If you suspect your Social Security number has been spoofed, the first step you should take is to pull your credit files to the three major credit bureaus, Experian, Equifax and TransUnion,” Ted Jenkin, an Atlanta-based business consultant . , told The Post.
“It’s also a good idea to notify your bank and/or brokerage firm of any unusual activity.”
Jenkin said tax filers should be on the lookout for someone who might try to use the stolen data to file fraudulent tax returns with the IRS.
“Most importantly, it’s entirely possible that someone next tax season will try to file a fraudulent tax return, so look into getting a PIN number from the IRS for filing your taxes,” he said.
Justin Rush, a Michigan-based financial planner, agreed, telling The Post, “Freezing your credit reports is generally a good habit to get into in case a bad actor tries to apply for a credit card or loan in your name.”
“After that, there are many identity theft products that can help monitor activity and put an extra layer of security and monitoring in place.”
How to minimize the chances of your Social Security number and information being leaked
Tony Fiorillo, a financial advisor with Indianapolis-based Asset Management Strategies, told The Post that he tells his clients to protect their data by enabling two-factor authentication and purchasing a separate device — either a cheap laptop or a tablet – which will be used exclusively to access the money pages.
“Don’t read email, surf the web, or do any online activity [on your separate device] other than logging into your money pages,” Fiorillo told The Post.
Andy LoCascio of consulting firm QVeritySecure told The Post that people should check all recent bank transactions and change all bank passwords.
“Never assume that only your password has been stolen,” he said.
“Always treat this as identity theft and change all of your other passwords. If someone tries to access one of those accounts, you may receive an email that provides additional visibility into what’s been caught.”
#Hackers #stolen #social #security #number #Heres #protect
Image Source : nypost.com