Millions of Americans’ Social Security Numbers Have Been Hacked – Here’s What You Must Do

About four months after a well-known hacker group said they got access to a huge amount of private and sensitive data from a big data broker, one of their members is said to have put most of that data up for free on a well-known website that sells stolen data.

There are big worries about identity theft, scams, and other illegal activities that could happen because of the stolen data, which includes Social Security numbers and other very private data. Teresa Murray, head of the U.S. Public Information Research Group (PIRG) and a consumer advocate, has talked about how bad this breach is.

After the breach, Murray said, “If this really is the whole dossier on all of us, it is much more concerning than the other breaches.” This should be a five-alarm wake-up call for people who weren’t taking steps in the past, which they should have been.

A group of people, called USDoD, have said in April that they stole the personal information of 2.9 billion people from National Public Data (NPD). A lawsuit has been made in the U.S. District Court in Fort Lauderdale, Florida, saying that these claims are true.

NPD is a business that gives personal information to people for background checks by employers, private investigators, and staffing firms, among others. A cybersecurity expert wrote on X that the group had put the data up for sale on a hacker website with a price tag of $3.5 million. News reports say that the records had information from the US, Canada, and the UK.

A person claiming to work for USDoD and going by the name Felice recently said on a hacking site that they were now selling “the full NPD database.” BleepingComputer took a picture of the data that shows it has about 2.7 billion records. Felice said that each record has the full name, location, date of birth, Social Security number, phone number, and sometimes a different name and date of birth.

NPD hasn’t replied to requests for comment and hasn’t officially told people who were harmed by the breach yet. However, when asked about third-party claims about customer data via email, the company said they were aware of the issues and were looking into them. In the same email, NPD also said that they had “purged the entire database, as a whole, of any and all entries, essentially opting everyone out.” The business says it has deleted all “non-public personal information,” but they did say that some records may need to be kept to follow the law.

Several cybersecurity news sites have looked at parts of the data Felice released and said that it looks like it contains information about real people. Anyone who sees the data needs to take immediate steps to protect themselves because it contains very dangerous information.

It’s very likely that someone will steal your name after this breach. A lot of the information that banks, insurance companies, and other service providers need to set up accounts or change passwords is in the data that was leaked. Some important pieces of information, like email addresses and photos of driver’s licenses or passports, don’t seem to be there, but cybercriminals can still get a lot of value from the data that has been shared.

Also See:

These retired people will no longer get Social Security checks – Three ways to lose cash

Murray says that bad people could use this information to do a number of fraudulent things, such as trying to take over existing accounts linked to bank accounts, investments, insurance plans, and email.

Murray also said that thieves could use the data from this breach along with data from previous leaks to make even more detailed profiles of possible victims that they could then use to commit more crimes.

 

Protect your Social Security data from a hack

After a breach like this, experts say that you should freeze your credit files with the three main credit bureaus: Experian, Equifax, and TransUnion. This is easy to do and doesn’t cost anything. It will stop thieves from starting new bank accounts in your name. You’ll need to remember to briefly lift the freeze, though, if you want to get credit or use a service that checks your credit.

It’s important to go through this process directly with each credit bureau and not reply to emails or texts you didn’t ask for that say they are from these agencies. These messages are probably scams meant to steal your personal information.

You might want to sign up for a service that checks your accounts and the dark web for signs of identity theft in addition to freezing your credit. After a data hack, companies often give these services to customers for free for a year or more.

But if you haven’t already, even the best tracking services won’t be able to protect your accounts. Strangely, accounts that haven’t been set up to be accessed online can be the most at risk. This is because it’s easier for a hacker to make a new login and password and pretend to be you than to hack into a current account.

It is important to use strong, unique passwords for each service and to change them often. This process can be made easier by password organizer apps that store and organize your passwords safely in the cloud, so you only need to remember one master password.

One more important security step is two-factor authentication, which protects your accounts even more. Usually, this means getting a code via text message or using an authenticator app that is connected to your phone. This makes it much harder for someone to get into your accounts, even if they know your login information.

Scammers are also going after people more and more through SIM swapping and port-out fraud, in which they take your phone number and use it to take over your accounts. As an extra safety measure, cell phone companies like AT&T, T-Mobile, and Verizon offer passcodes and stops on illegal device changes.

Source

Leave a Comment