A massive data breach has reportedly exposed 2.9 billion personal records, and it is crucial for individuals to check if their Social Security number is among the compromised information. The breach, which involved a hack into the National Public Data (NPD) database, has left millions vulnerable to identity theft and financial fraud. Here’s how you can determine if your Social Security number was leaked and what steps to take to protect your personal information.
How the Breach Occurred
In an August statement, National Public Data, a data broker known for selling personal information to private investigators, consumer public record sites, and human resource agencies, confirmed that a “third-party bad actor” hacked into their database. The breach reportedly took place in late December 2023, with potential data leaks occurring in April and the summer of 2024. The stolen data, now available on the dark web, includes names, email addresses, phone numbers, Social Security numbers, and mailing addresses.
The exact number of affected individuals remains unclear. However, the Maine Attorney General’s office estimates that approximately 1.3 million people were impacted, while Troy Hunt of Have I Been Pwned suggests that 134 million unique email addresses were compromised.
How to Check if Your Information Was Stolen
To find out if your Social Security number was part of the breach, two online security companies have provided free tools:
- Visit Atlas Privacy’s breach lookup tool.
- Use the Pentester cybersecurity tool.
These tools allow you to search the leaked database for your personal information. If your data was stolen, you should take immediate steps to protect your identity.
Steps to Protect Your Identity
- Monitor Your Credit Reports: Request a free credit report from each of the three major credit bureaus—Equifax, Experian, and TransUnion—at least once a year. Look for unfamiliar activity, such as new accounts you didn’t open, and keep an eye on your bank statements for unexpected charges.
- Sign Up for Credit Monitoring Services: Consider using a credit monitoring service that will alert you to any suspicious activity, such as someone attempting to use your Social Security number to create new credit accounts.
- Take Action if Your Social Security Number Was Stolen: If you suspect your Social Security number has been stolen, visit the Federal Trade Commission’s IdentityTheft.gov to create a personal recovery plan. Contact the IRS to ensure that your number is not used for fraudulent tax filings, and file a complaint with the Internet Crime Complaint Center if you believe you’ve been a victim of cybercrime.
- Consider Freezing Your Credit: A credit freeze prevents creditors from accessing your credit report, making it harder for identity thieves to open accounts in your name. You can unfreeze your credit temporarily when you need to apply for a loan or new credit.
What Is National Public Data Doing in Response?
National Public Data is cooperating with law enforcement and governmental investigators. The company has promised to notify individuals if significant developments affect them and recommends that those potentially affected monitor their financial accounts closely.
Preventing Future Identity Theft
To reduce the risk of future identity theft, avoid carrying your Social Security card in your wallet, and memorize the number instead. Use encrypted documents or phone calls to share sensitive information, and be wary of unsolicited requests for your Social Security number, especially in job applications. Regularly check your bank and credit card statements and enable two-factor authentication on your accounts.
Additional Risks
Theft of personal information can happen in various ways, from stolen wallets and rummaged mail to phishing emails and cyberattacks. It is vital to stay vigilant and protect your data by using strong, unique passwords and staying informed about the latest security threats.
For more details on identity theft protection and how to secure your financial information, visit resources such as the Federal Trade Commission’s website and Have I Been Pwned.
