A few days shy of four months after a group calling itself
“The Dark Overlord” claimed to have stolen more than 650,000 healthcare records.
The site’s visitors worry that the exposed data—Social Security numbers and other sensitive information—could be used for identity theft, fraud and a litany of related criminal endeavors.
“Obviously, this is a big part of one’s dossier on all the rest of us, but if true it really does look to be much worse”
In April the hacking group USDoD claimed to have stolen personal records of 2.9 billion people (include such fun facts as your Social Security number, home address and phone numbers) from National Public Data.
a company that sells information on individuals for purposes including background checks by employers, private investigators and staffing agencies.
which was howlingly funny to many given its claims turnover aside but nonetheless has resulted in nationwide groveling across various industries else lawsuits seeking billions.
The group posted the data in a forum for hackers to sell, at $3.5 million including records from US, UK and Canada according to X)
The data contains 2.7 billion records, each including an individual’s full name, address, date of birth and Social Security number along with other information such as alias names or past home addresses for the user in question.
National Public Data has not responded to requests for comment, nor notified people about the purported breach directly.
The company has, however privately-warned email users that
“We are aware of certain third-party claims about consumer data” and is probing these matters”
That email also noted, the company had “erased the whole database in a single sweep of any all entries to effectively mass opt everyone out.
“non-public personal information” about individuals, but with the caveat “We may need to retain certain records for legal reasons.
Felice had provided news outlets that cover cybersecurity with parts of the data, which they’ve observed to be what appears to be real individuals’ names and contact details.
If the leaked material is indeed what it claims to be, these are some of the potential risks that may arise and what you can do about them.
The Threat of ID
the leak should cover most of what banks and insurance companies or any other service provider tries to find out when setting up new accounts — as well as whenever they require you a phone call permission if considering resetting your password on an existing one.
Among the hackers’ loot, there were a couple of items that seemed to be missing.
A is all the email you use to log in, for a lot of people. The second? Driver’s license or passport photos — which some government entities use for purposes such as establishing an individual is who they say are.
“Anything and everything” with the leaked information, most concerning that is likely someone trying to hijack your accounts.
associated with like the bank, investments, insurance policies and email. All a scammer would need is your name, Social Security number, date of birth and mailing address to open fraudulent accounts in your name or convince someone else to change the password on one of your existing accounts.
Criminals might potentially leverage a previous data breach to supplement email addresses into the National Public Data leak list of entries as well.
“You can just create all sort of hell, do any kind of crimes and steal from them whatever”
How to protect yourself
There have been so many data breaches over the years that some security experts believe your personal information is almost definitely out there somewhere on the dark web.
In fact, VPNRanks (a website that ranks virtual private network services) estimates 5 million people a day access the dark web via anonymizing browser TOR — but only some of them are doing something sketchy.
If you believe your Social Security number or other sensitive information on yourself was compromised, experts recommend freezing credit files at the three main bureaus — Experian, Equifax and TransUnion.
For free, with the added bonus of preventing a criminal from obtaining and using loans and credit cards AND freely funding accounts in your name.
The only catch with this is that you will have to remember (you should probably write yourself a note) if you are about to score or apply for something needing any kind of credit inquiry, and lift the freeze.
