A newly filed lawsuit accuses a South Florida-based company of compromising the personal data of an unprecedented number of individuals. The filing asserts that hackers accessed sensitive information, such as Social Security numbers, previous and current addresses, and familial details, potentially exposing billions of people to risks of financial fraud.
The lawsuit was initiated by Christopher Hofmann, a California resident, who alleges his identity theft protection service identified his personal data on the dark web, attributing the breach to “nationalpublicdata.com.” According to the court filing, the breach occurred in April 2024, with the hacker group USDoD exfiltrating unencrypted information from National Public Data (NPD), a company responsible for background checks. Bleeping Computer, a tech website, noted that a hacker subsequently leaked some of the stolen data on a hacking forum.
Reports mention that the leaked data comprises 2.7 billion records, encompassing names, addresses, birth dates, Social Security numbers, and phone numbers. While the exact number of individuals affected remains unclear, estimates suggest that nearly anyone with a Social Security number could be impacted. Cliff Steinhauer of The National Cybersecurity Alliance highlighted the significance of personal vigilance in safeguarding one’s information.
The lawsuit alleges that NPD has yet to inform the affected individuals about the breach. Legal firm Schubert Jonckheer & Kolbe is examining the incident, mentioning that the compromised data may date back over 30 years. Security experts advise consumers to take preventive measures, such as freezing their credit files with major bureaus—Experian, Equifax, and TransUnion—and utilizing reputable identity theft monitoring services to detect if their data has surfaced on the dark web.
