August 19, 2024 at 09:24AM
Data broker NPD confirms 1.3 million affected by breach, much lower than previous estimations. Breach took place in Dec 2023 with leaks starting in Apr 2024. Criminal known as USDoD began selling stolen database, containing 2.9 billion lines of data. Investigation suggests potential for more affected individuals than reported. Several data types compromised.
From the meeting notes, it is clear that there has been a significant data breach involving the data broker, National Public Data (NPD), affecting potentially millions of individuals. The breach, initially thought to involve 1.3 million people, is now being looked into by various experts to assess the actual scope.
Key points from the meeting notes include:
– The breach was confirmed by NPD in a filing with Maine’s attorney general, revealing that the digital break-in took place in December 2023, with data leaks occurring from April to the summer of 2024.
– A criminal operating under the alias USDoD is responsible for selling the stolen database containing data of US, Canadian, and British citizens.
– Expert analysis by Troy Hunt suggests that the number of affected individuals could be higher than reported by NPD.
– Other businesses like Atlas Data Privacy have also uncovered additional alarming details, including the presence of criminal record data and a vast number of unique social security numbers.
– It has been noted that individuals who had their data removed by privacy services were not affected by the breach, and a significant portion of the compromised data pertains to deceased individuals.
The breach not only poses a significant risk to the affected individuals but also raises concerns about the security practices and data management of NPD. It will be essential for NPD to provide accurate and transparent updates to those affected and to work closely with law enforcement and relevant authorities to address this breach and prevent future occurrences.