Last week, National Public Data (NPD), a consumer data broker, dropped the bomb that it had been breached and that hundreds of millions of Social Security Numbers (SSNs), names, addresses, dates of birth, and more had been leaked publicly. This is one of the most significant data breaches impacting Americans to date.
Since NPD is a data aggregator – meaning it gathers data from sources instead of you providing it to them – it's been hard to pin down the extent of the breach or who is impacted. Headlines have suggested variably that 2.9 billion SSNs or the data of 2.9 billion people has been stolen, but analysis of the data paints a somewhat different picture. According to cybersecurity expert Troy Hunt, there are multiple records for the same person in the data he's analyzed and not all records have SSNs. And since SSNs are a uniquely US identifier, the 2.9 billion reported stolen seems impossible. What we do know is that a lot of real SSNs and other sensitive data was leaked, and we should be taking this privacy risk seriously.
Wondering if this breach impacted you? It's easy to find out. And if you were affected, there are steps you can take to protect yourself.
Krebs on Security has vetted a couple of sites run by data privacy and cybersecurity companies that will tell you if your information was included: Pentester and Atlas Data Privacy Corp. Pentester lets you search the database of stolen information using your name, state, and birth year, while Atlas requires your name and zip code, or phone number, or your SSN (I don't recommend entering your SSN on any sites like this, even trusted ones). I researched my details using both sites and was extremely unhappy to find a wealth of my data available going back decades.
Read more: Google Rolling Out Free Dark Web Monitoring
If your SSN and other information are part of the NPD breach, I recommend placing a credit freeze with each of the major credit reporting agencies. With a freeze in place, banks, car dealerships, and other creditors won't be able to access your credit report or open new lines of credit in your name, preventing you from potential identity theft. You can always temporarily lift the freeze if you need to open a new credit card account or buy a car. There's little downside from placing a freeze, and it can save you from a world of headaches, so it's well worth taking the time to do.
You'll need to set up a freeze individually with each credit agency. Here are links to each agency's online form:
When you place the freeze, you'll receive a PIN code that you'll need to use to temporarily lift the freeze and allow specific credit checks. I highly recommend storing this PIN code in your password manager or other secure digital vault. If you don't have your code, lifting the freeze will be extremely difficult and time-consuming. We use and recommend Dashlane and 1Password here at Techlicious.
Read more: Passkeys: Use This Secure and Convenient Alternative to Passwords Now
While placing a freeze on your credit can be cumbersome, it's the best way to protect yourself. With so much personal data floating around on the dark web, it's safest to assume that your SSN and other personal data are available to thieves and act accordingly.
[Image credit: Screenshot via Techlicious, laptop mockup via Canva]
For the past 20+ years, Techlicious founder Suzanne Kantra has been exploring and writing about the world’s most exciting and important science and technology issues. Prior to Techlicious, Suzanne was the Technology Editor for Martha Stewart Living Omnimedia and the Senior Technology Editor for Popular Science. Suzanne has been featured on CNN, CBS, and NBC.
From DAVID & ANN HART on August 20, 2024 :: 5:34 pm
Thanks, we apparently were exposed, and we followed your advice.
Reply