Heimdal
Home > Cybersecurity News

2.7 billion Leaked Data Records Expose Personal Information of US People

Security Specialists Say the Records Come from National Public Data.

Last updated on August 14, 2024

article featured image

Contents:

Hackers leaked 2.7 billion data records containing personal information belonging to citizens of the United States for free, on a dark forum.

The attackers claim they had exfiltrated the data from the National Public Data.

The type of data in the 2.7 billion leaked data records

The 277GB data leakage revealed two text files that contained around 2.7 billion unencrypted records.

The compromised data are:

  • full names
  • e-mail addresses
  • Social Security numbers

In some cases, the records include other names associated with the person. Regarding the number of US citizens that the data leakage impacted, BleepingComputer.com said:

It is important to note that a person will have multiple records, one for each address they are known to have lived. This also means that this data breach did not impact 3 billion people as has been erroneously reported in many articles that did not properly research the data.

Their journalistic investigation revealed that in some cases, the name, e-mail and SSN don’t match, they belong to different people.

But there is still a risk of fraud, phishing, and smishing attacks. A previously leaked sample also included phone numbers.

Source – BleepingComputer

Why is National Public Data silent

This is not the first time hackers have claimed to have breached National Public Data. A threat actor dubbed USDoD attempted selling 2.9 billion data records of people in US, UK and Canada.

They’ve also claimed stealing the data from National Public Data. BleepingComputer.com said that at that moment they asked NPD for a point of view. Until now, they didn’t get any response.

Security specialists say none of the data was encrypted. Encrypting data both in storage and transit is one of the most important data security best practices.

In case of a data breach, data encryption prevents the attacker from reading and using the files.

If the data leakage is indeed connected to NPD, this means the company had collected and stored sensitive data without complying with one of the most important security measures.

If you liked this article, follow us on LinkedIn, Twitter, Facebook, and Youtube, for more cybersecurity news and topics.

Author Profile

Livia Gyongyoși

Communications and PR Officer

Livia Gyongyoși is a Communications and PR Officer within Heimdal®, passionate about cybersecurity. Always interested in being up to date with the latest news regarding this domain, Livia's goal is to keep others informed about best practices and solutions that help avoid cyberattacks.

Related Articles

What Is Data Leakage?What Is Data Loss Prevention and How You Can Approach DLP SecurityWhat Is a Data Breach and How to Prevent ItData Integrity: What It Means and How to Maintain ItEnd-to-end Encryption (E2EE). What Is It and How It HelpsA Technical Approach to Data Loss Prevention (DLP)How to Protect Your PC with Multiple Layers of Security

CHECK OUR SUITE OF 11 CYBERSECURITY SOLUTIONS

SEE MORE
linkedin
youtube
facebook
x

resources

company

newsletter

© 2024 Heimdal®

Vat No. 35802495, Vester Farimagsgade 1, 2 Sal, 1606 København V