The company that was named in a class-action lawsuit filed by Internet users who claim that every American’s Social Security number was stolen from its servers has confirmed that it was hacked by cybercriminals who obtained the sensitive data.
Jerico Pictures Inc., the Coral Springs, Fla.-based entity. which does business as national public records, released a statement last week in which it acknowledged that “the information allegedly breached contained the name, email address, telephone number, social security number and address(es) of mail.”
NPD, which attributed the “data security incident” to a hacking attempt by a “bad third-party actor”, published the statement on its website.
It said there was a hacking attempt in December 2023, as well as “potential leaks of certain data in April 2024 and summer 2024”.
NPD, which conducts criminal background checks for employers and investigators “for some of the lowest rates in the industry,” did not specify how many people were affected.
The company said it had “cooperated with law enforcement and government investigators and conducted a review of potentially affected data.”
NPD also said it took “additional security measures in an effort to prevent such a breach from reoccurring and to protect our systems.”
The company said it would reach out to all affected users “so you can take action that will help minimize or eliminate potential harm.”
The NPD recommended that online users “closely monitor your financial accounts and if you see any unauthorized activity, you should contact your financial institution immediately.”
Holders of Social Security numbers are also being encouraged to contact the big three credit reporting agencies — Equifax, Experian and TransUnion — in order to get a free credit report as well as place a fraud alert on their file.
Fraud alerts, which are free, let creditors know that they should contact you if someone tries to open a new account or change existing accounts that are under your name.
At least eight separate lawsuits have been filed against the NPD since Aug. 1, when news of the breach came to light.
Christopher Hoffman, a California resident, filed a lawsuit on August 1 alleging that a cybercriminal group called “USDoD” posted a database on the dark web that is said to contain the personal data of 2.9 billion people.
The group put the database up for sale for $3.5 million, according to the lawsuit, which was first reported by Bloomberg Law.
Hoffman’s lawsuit alleges the hackers obtained records of relatives and past addresses dating back at least three decades.
NPD is accused in the lawsuit of negligence and violation of the duty of good faith. The lawsuit does not specify how much damages Hoffman is seeking.
#National #public #records #admit #hackers #stole #Social #Security #numbers #massive #breach #affect #Americans
Image Source : nypost.com