National Public Data

History

2024

Bankruptcy filing over largest ever data breach

On October 11, 2024, it became known that Florida-based IT company National Public Data filed for bankruptcy due to the largest data breach in history. Almost 2.7 billion records with personal information of US residents were leaked on a hacker forum, as a result of which the names, social security numbers, physical addresses and possible pseudonyms of citizens were revealed.

National Public Data collects personal data, and then sells access to it to conduct biographical checks, collect information about criminal records and the work of private detectives. It is said that the company receives this information from publicly available sources to "compile individual profiles of residents of the United States and other countries."

Unsplash

In April 2024, a hacker known as USDoD announced the sale of 2.9 billion records containing personal data of people from the United States, Britain and Canada. Then it was reported that the information was stolen from the National Public Data database. The attackers tried to sell the data for $3.5 million on August 6, 2024, a cybercriminal known as Fenice posted the most complete version of the stolen National Public Data on the hacking forum Breached. The leak consists of two text files totaling 277 GB, containing about 2.7 billion records, and not 2.9 billion, as originally reported.

Subsequently, National Public Data confirmed the theft of personal information. People whose data was disclosed filed a class action lawsuit accusing the firm of negligence, wrongful enrichment and other violations. As a result, the company was forced to declare bankruptcy. This measure is designed to help National Public Data cope with the onslaught of lawsuits. Court documents said the company was unable to generate sufficient financial flows to cover potential large liabilities, not to mention protections in lawsuits and other expenses as part of the leak investigation.^[1]

Largest data breach in history. The darknet got information of 2.9 billion people

In early August 2024, it became known about the largest personal data leak in history. A database containing information about 2.9 billion people has been put up for sale on the darknet. For this huge array of information, attackers want to get $3.5 million.

According to the resource Bloomberg Law, the source of the leak was Jerico Pictures Inc., operating under the National Public Data brand. She is engaged in background analysis, collecting the personal information of billions of people from closed sources. In other words, the citizens themselves deliberately do not provide their information to Jerico Pictures.

Freepik

Bloomberg Law said that the cybercriminal group USDoD put up the National Public Data database for sale in early April 2024. It contains social security numbers, current and past addresses of people, full names, information about relatives (including some of the dead) and various other confidential information. The stolen data covers a period of several decades.

In connection with a large-scale leak, a class action lawsuit registered in the court of the Southern District of Florida is filed against Jerico Pictures. This statement did not specify exactly when or how the database theft occurred. California resident Christopher Hofmann, acting as the main plaintiff, claims that on July 24, 2024 he received a notification from his data protection provider that his personal information was disclosed as a result of a hack and ended up on the dark web. Hofmann accuses National Public Data of negligence, unjust enrichment and breach of fiduciary duties. The plaintiffs ask the court to oblige the company to pay monetary compensation, delete all personal data of the victims and encrypt the collected information.^[2]

Notes