The massive National Public Data (NPD) breach occurred in multiple stages with the initial security incident happening a year ago this month. In April 2024, a cybercriminal known as USDoD began selling the stolen data on the Dark Web and in July everything became public knowledge. NPD didn’t officially acknowledge the breach until August 12th.
With up to 2.9 billion records of unencrypted, unredacted personally Identifiable Information (PII) exposed, many went about changing passwords at the time and have long forgotten about the vulnerability caused by this breach. This is a mistake.
The recent surge in identity theft and related fraud is proving that the aftermath of the NPD breach will not be subsiding any time soon. For months now over 270 million social security numbers have been circulating on the Dark Web, along with full names, addresses, phone numbers, etc. Criminals are having a field day opening fraudulent credit card or financial accounts and bilking the system.
The sheer scale of PII that was exposed this year warrants ongoing action and vigilance to minimize the possibility of becoming a victim to fraudsters. Here are steps to take now:
Monitor financial accounts closely – check bank statements and credit card activity for suspicious transactions.
Place a credit freeze with all major credit bureaus to prevent new accounts from being opened in your name.
Contact credit bureaus to place a fraud alert on your credit file, which requires businesses to verify your identity before issuing credit.
Update security questions on important accounts.
Stay on high alert for phishing attempts and unsolicited communications asking for personal information. Criminals have become more sophisticated in their methods to fill gaps in the data they got from the Dark Web.
To check if your Social Security Number has been exposed, visit: https://npd.pentester.com/
The NPD breach may never become ancient history so it pays to actively protect your personal information now and in the future.