Data Firm Faces a Dozen Suits Over Social Security Number Leak

InsuNews August 29, 2024
A hooded hacker uses a computer.

What You Need to Know

The data breach is thought to have compromied the Social Security numbers of 272 million people.
If reports are true, the attack on National Public Data may be one of the largest ever in terms of the number of people affected, lawmakers say.
National Public Data didn’t adequately safeguard personal information, plaintiffs argue.

Background check company National Public Data faces at least a dozen class action lawsuits filed in Florida this month after a reportedly massive breach in which hackers may have stolen the data of billions of people, including hundreds of millions of Social Security numbers.

BiometricUpdate.com reported this week that the U.S. Justice Department and lawmakers, along with some state attorneys general, are investigating the data breach. Citing information from risk analysis firm Constella, the news site reported the attack appeared to compromise data for 292 million people, including Social Security numbers for 272 million.

The data does include errors, a Constella official told the site.

Two lawmakers, in a letter seeking information from National Public Data, said that if reports about the hack are true, “this data breach likely represents one of the largest cyberattacks ever in terms of impacted individuals.”

In a data breach notice filed in Maine, the company said the hack was discovered on Dec. 30, 2023, and affected 1.3 million Americans.

Christopher Hofmann of Fremont, California, filed his class action lawsuit against Jerico Pictures, doing business as National Public Data, on Aug. 1, accusing the firm of failing to properly safeguard individuals’ personally identifiable information, including names, current and past addresses covering decades, Social Security numbers and information about family members.

See also  Is Brighthouse Financial Inc (BHF) a Bad Choice in Insurance - Life Monday? - InvestorsObserver

The company “intentionally, willfully, recklessly or negligently” failed to maintain adequate measures to safeguard the information, the lawsuit alleges, also contending that National Public Data scraped people’s information from nonpublic sources without their consent or knowledge.

A Michigan woman filed a similar putative class action suit against National Public Data the same day in the same court — U.S. District Court for Southern Florida in Fort Lauderdale — and 10 other plaintiffs have done the same since, court records show.

A cybercriminal group going by USDoD gained access to NPD’s network before April and was able to “exfiltrate” unencrypted data belonging to billions of people and sold it to “unknown criminals” on the dark web, Hofmann’s complaint contends.

The lawsuit cites cybersecurity educational website vx-underground as reporting the cybercriminals placed National Public Data’s database on a dark web site called Breached, where the hackers claimed they had data on 2.9 billion people and offered it for sale for $3.5 million.

More Stories

Life Insurance Exclusions – What’s Not Covered By Life Insurance Policies?

What is a Loan Clause When Buying a Home in Ireland?

InsuNews November 22, 2024

Term life insurance for children? Nobody seems to have this for any sort of reasonable coverage amount

InsuNews November 22, 2024
/contrib/content/uploads/sites/415/2024/07/Donald_Trump_2024_BB_640x640.jpg

Trump Seeks Perfect Treasury Candidate as Search Drags On

InsuNews November 21, 2024

You may have missed

2025 Aprilia Tuono 457

2025 Aprilia Tuono 457 released

InsuNews November 23, 2024
cyber insurance

Understanding the importance of cyber insurance in the digital age

InsuNews November 23, 2024
What Is Rideshare Insurance?

What Is Rideshare Insurance?

InsuNews November 22, 2024
price-pressure-reinsurance-retro-ils-ilw

With excess capital in the system, property cat rates could trend down at 1/1: Morgan Stanley

InsuNews November 22, 2024

Crap insurance vs. no insurance

InsuNews November 22, 2024