Millions of people may have had their Social Security numbers and other sensitive information compromised following a major data breach, according to reports the hacking group known as USDoD has allegedly stolen the personal records of 2.9 billion individuals, which it claims to have obtained from National Public Data, a background check company based in Florida.
This claim is now at the center of a class-action lawsuit filed in U.S. District Court in Fort Lauderdale, Florida, as detailed by Bloomberg Law. The breach is believed to have occurred around April 2024. According to the lawsuit, the compromised data includes an extensive array of personal details, including names, addresses, and Social Security numbers.
A cybersecurity expert posted on X, formerly known as Twitter, that USDoD is allegedly offering the stolen records for sale on the dark web for $3.5 million. The records reportedly include data belonging to citizens from the United States, United Kingdom, and Canada.
Since the initial posting of the data for sale in April, the situation has escalated, with multiple copies of the information circulating online. The cybersecurity news site Bleeping Computer reported that in August, a hacker known as “Fenice” leaked what is believed to be the most comprehensive version of the data on a public forum, making it freely accessible.
This breach has raised alarms about the security measures of companies that handle large volumes of personal information and highlights the persistent and growing threat of cybercrime in the digital age. The situation continues to evolve as authorities and cybersecurity experts work to assess the full scope of the breach and its potential impact on affected individuals.