Data Firm Faces a Dozen Suits Over Social Security Number Leak

InsuNews August 29, 2024
A hooded hacker uses a computer.

What You Need to Know

The data breach is thought to have compromied the Social Security numbers of 272 million people.
If reports are true, the attack on National Public Data may be one of the largest ever in terms of the number of people affected, lawmakers say.
National Public Data didn’t adequately safeguard personal information, plaintiffs argue.

Background check company National Public Data faces at least a dozen class action lawsuits filed in Florida this month after a reportedly massive breach in which hackers may have stolen the data of billions of people, including hundreds of millions of Social Security numbers.

BiometricUpdate.com reported this week that the U.S. Justice Department and lawmakers, along with some state attorneys general, are investigating the data breach. Citing information from risk analysis firm Constella, the news site reported the attack appeared to compromise data for 292 million people, including Social Security numbers for 272 million.

The data does include errors, a Constella official told the site.

Two lawmakers, in a letter seeking information from National Public Data, said that if reports about the hack are true, “this data breach likely represents one of the largest cyberattacks ever in terms of impacted individuals.”

In a data breach notice filed in Maine, the company said the hack was discovered on Dec. 30, 2023, and affected 1.3 million Americans.

Christopher Hofmann of Fremont, California, filed his class action lawsuit against Jerico Pictures, doing business as National Public Data, on Aug. 1, accusing the firm of failing to properly safeguard individuals’ personally identifiable information, including names, current and past addresses covering decades, Social Security numbers and information about family members.

See also  Why should couples have joint life insurance?

The company “intentionally, willfully, recklessly or negligently” failed to maintain adequate measures to safeguard the information, the lawsuit alleges, also contending that National Public Data scraped people’s information from nonpublic sources without their consent or knowledge.

A Michigan woman filed a similar putative class action suit against National Public Data the same day in the same court — U.S. District Court for Southern Florida in Fort Lauderdale — and 10 other plaintiffs have done the same since, court records show.

A cybercriminal group going by USDoD gained access to NPD’s network before April and was able to “exfiltrate” unencrypted data belonging to billions of people and sold it to “unknown criminals” on the dark web, Hofmann’s complaint contends.

The lawsuit cites cybersecurity educational website vx-underground as reporting the cybercriminals placed National Public Data’s database on a dark web site called Breached, where the hackers claimed they had data on 2.9 billion people and offered it for sale for $3.5 million.

More Stories

How Does Commercial Auto Insurance Work And What Is It?

How Does Commercial Auto Insurance Work And What Is It?

InsuNews November 4, 2024

How do I convince my mom to get life insurance?

InsuNews November 3, 2024
15 Views on What to Drink on Election Night

15 Views on What to Drink on Election Night

InsuNews November 3, 2024

You may have missed

The Incursion Of Profit-Enhancing Middlemen In US Health Care

The Incursion Of Profit-Enhancing Middlemen In US Health Care

InsuNews November 4, 2024
Insure4Sport Logo

The 11 Best Free Running Apps For Beginners

InsuNews November 4, 2024
Lifestyle

Lifestyle Choices That Could Skyrocket Your Car Insurance Rates

InsuNews November 4, 2024
Allstate Foundation

The Allstate Foundation empowers young changemakers with college service grants

InsuNews November 4, 2024
perils-ag-logo

PERILS estimates storm Boris flood losses of ~€1.9bn, reveals change to methodology

InsuNews November 4, 2024