Billions of personal records on millions of Americans may soon end up on the internet as attackers are planning to leak info stolen from a background check and person lookup and verification company.
A massive data leak, with information taken from National Public Data, a public records database company, could soon end up on attackers’ digital drives.
While the term “public data” implies the details are already available to anyone, that’s hardly the case.
According to Vx-underground, an anonymous threat analyst group, attackers intend to release Americans’ names and surnames, home addresses, over thirty years' worth of address histories, and Social Security numbers (SSNs).
“It also allowed us to find their parents and nearest siblings. We were able to identify someone’s parents, deceased relatives, uncles, aunts, and cousins. Additionally, we can confirm this database also contains information on individuals who are deceased. Some individuals located had been deceased for nearly two decades,” researchers said on X.
April 8th, 2024, a Threat Actor operating under the moniker undefinedUSDoDundefined placed a large database up for sale on Breached titled: undefinedNational Public Dataundefined. They claimed it contained 2,900,000,000 records on United States citizens. They put the data up for sale for $3,500,000.
undefined vx-underground (@vxunderground) June 1, 2024
National…
Attackers supposedly provided Vx-underground with a massive data sample weighing over 277GB, which included what appears to be legitimate data. It contains information on individuals who do not use data opt-out services.
The data sample supposedly came from a database stolen earlier this year. Back in April, well-known attackers advertised stealing a whopping four terabytes of data from the National Public Data, including 2.9 billion records.
While attackers initially wanted to sell the database for $3.5 million, Vx-underground claims threat actors decided to leak it for free. If confirmed, the data leak would be one of the largest ever.
We have reached out to National Public Data for confirmation and comment but did not receive a reply before publishing.
Should Americans fear the data leak?
Researchers claim the information that will soon hit data leak forums could allow malicious actors to carry out a wide range of attacks, such as identity theft or sophisticated phishing schemes.
For example, attackers could impersonate parents, children, siblings, or other relatives to target Americans for financial gain and other malicious purposes,
Revealing individuals’ home addresses could lead to attempts at robbery, stalking, or harassment. Leaking information about victims of abuse could reveal their location to abusers.
Earlier this year, the Cybernews research team discovered the Mother of all Breaches (MOAB), a database with 12 terabytes of information spanning over a mind-boggling 26 billion records.
Your email address will not be published. Required fields are markedmarked