In the first week of August this year, a hacker released a dataset containing personal information of Americans from the servers of National Public Data, an organization providing background check services to businesses. By the third week of the month, the same hacker published another data dump, revealing approximately 2.7 billion records. This dataset included social security numbers, names, mailing addresses, and names of relatives, potentially setting the stage for future phishing attacks.
Initial investigations suggest that the hacker, identified as USDoD, was responsible for breaching data belonging to citizens from the US, UK, and Canada. It is believed that this information was obtained after paying a substantial amount to another threat actor known as SXuL.
While there is no conclusive evidence linking the attack to Russian hackers, it is notable that USDoD is the same individual who previously infiltrated CrowdStrike’s servers and attempted to breach Microsoft servers. This latter attack caused significant disruptions, including issues with Windows 10 and 11 due to a bug in CrowdStrike Falcon sensors.
Attacks on software firms and technology infrastructure have become lucrative for threat actors. Victims often feel compelled to pay ransoms because their data is crucial to their operations. Such data frequently sells quickly on the dark web, where it is highly sought after by criminals looking to profit through cryptocurrency.
The FBI and other organizations like CISA advise ransomware victims against paying ransoms, as doing so encourages further criminal activity. It has been observed that attackers often return to target the same network multiple times within a year. Therefore, it is recommended to report data breaches to the SEC and the FBI and follow their guidance for handling such incidents.
Update on August 20, 2024- Two companies have launched dedicated websites to assist online users find out on whether their personal info such as SSN, DoBs, names, addressed and zip codes can be found in the archives.
First is Atlas Privacy Data Corporation that launched npdbreach dot com that will offer all information and will not store data related to user searchers. The second site is Pentester that is offering npd.pentester dot com to help users know if they will be impacted by the data breach.
Besides, better to secure all your online and banking accounts with a multi factor authentication, and maintain password hygiene to safeguard from the repercussions that arrive from the National Public Data Leak.
