In one of the largest data breaches to date, the cybercriminal group USDoD targeted National Public Data (“NPD”), a background check provider and data broker. The breach compromised an estimated 2.9 billion records containing personal information such as social security numbers, addresses, and details about relatives spanning over two decades.

Many individuals were surprised to learn that NPD had their information within its database and were unfortunately awakened to the harsh reality when USDoD posted the sale of the acquired data on the dark web for $3.5 million. Aggrieved individuals responded by bringing a class action suit against NPD for claims underscoring the lack of consent regarding the data collection from individuals and the failure to secure the collected data appropriately.

Many were surprised to learn that their data was housed with data brokers, entities that play a significant and often overlooked role in the digital economy. These brokers gather and sell data from various sources, including public records and social media, for multiple purposes. Leading brokers, such as Equifax, Experian, and TransUnion, gather data to create comprehensive profiles of individuals, which are then sold to businesses for targeted marketing or to employers for background checks.

As businesses and individuals host a myriad of sensitive information on online platforms, the need for implementing robust cybersecurity measures is both critical and urgent. The recent data breach at NPD is a stark reminder of the potential risks. Measures such as restricted access to sensitive information, encryption, and regular threat assessments are all steps businesses can take to shield the safety and security of their online data.

Individuals can also take steps to mitigate the misuse of their information. The first step is to monitor account status vigilantly.

There is no official method of determining whether an individual’s personal information was leaked during the hack. However, individuals can and should take steps to mitigate the misuse of their information. The first step is to closely monitor your accounts and alert institutions upon finding suspicious activity. Further, a credit freeze is an excellent way to protect your information. Notably, a credit freeze will not harm your credit score. Instead, it will prevent creditors from accessing your credit report and make it significantly harder for bad actors to open new accounts in your name. Freezing your credit will also prevent credit bureaus from selling your data in credit reports.