Millions of Americans’ home addresses allegedly exposed

Billions of personal records on millions of Americans may soon end up on the internet as attackers are planning to leak info stolen from a background check and person lookup and verification company.

A massive data leak, with information taken from National Public Data, a public records database company, could soon end up on attackers’ digital drives.

While the term “public data” implies the details are already available to anyone, that’s hardly the case.

According to Vx-underground, an anonymous threat analyst group, attackers intend to release Americans’ names and surnames, home addresses, over thirty years' worth of address histories, and Social Security numbers (SSNs).

“It also allowed us to find their parents and nearest siblings. We were able to identify someone’s parents, deceased relatives, uncles, aunts, and cousins. Additionally, we can confirm this database also contains information on individuals who are deceased. Some individuals located had been deceased for nearly two decades,” researchers said on X.

Attackers supposedly provided Vx-underground with a massive data sample weighing over 277GB, which included what appears to be legitimate data. It contains information on individuals who do not use data opt-out services.

The data sample supposedly came from a database stolen earlier this year. Back in April, well-known attackers advertised stealing a whopping four terabytes of data from the National Public Data, including 2.9 billion records.

While attackers initially wanted to sell the database for $3.5 million, Vx-underground claims threat actors decided to leak it for free. If confirmed, the data leak would be one of the largest ever.

We have reached out to National Public Data for confirmation and comment but did not receive a reply before publishing.

Should Americans fear the data leak?

Researchers claim the information that will soon hit data leak forums could allow malicious actors to carry out a wide range of attacks, such as identity theft or sophisticated phishing schemes.

For example, attackers could impersonate parents, children, siblings, or other relatives to target Americans for financial gain and other malicious purposes,

Revealing individuals’ home addresses could lead to attempts at robbery, stalking, or harassment. Leaking information about victims of abuse could reveal their location to abusers.

Earlier this year, the Cybernews research team discovered the Mother of all Breaches (MOAB), a database with 12 terabytes of information spanning over a mind-boggling 26 billion records.

More from Cybernews:

Cloud provider Snowflake distances itself from Ticketmaster breach

Photo firm exposes 43K American uni students

New study: supersharers, not bots, spreading fake news on social media'

Nvidia announces its latest AI chip

The CyberBunker’s underground facility in Germany is up for sale

Subscribe to our newsletter

Leave a Reply

Your email address will not be published. Required fields are markedmarked