Latest Insights into a Significant Data Breach Incident at National Public Data
Recent reports indicate a significant breach at a consumer data broker, National Public Data (NPD), which resulted in the public exposure of hundreds of millions of Americans’ social security numbers, addresses, and telephone numbers. A startling addition to the breach story is that another NPD data broker, with shared access to the consumer records, inadvertently revealed the passwords to its backend database. This password information was readily available from the broker’s homepage until recent steps were taken to rectify the situation.
NPD confirmed the security breach in August, tracing its origin back to a incident in December 2023, but it wasn’t until April that a cybercriminal, known as USDoD,
began to sell stolen data from NPD.
In July, a large quantity of confidential information was leaked, including names, addresses, telephone numbers, and in some cases, email addresses. These exposed personal records involved more than 272 million individuals, including some who are deceased. USDoD attributed the leak of this data to another malicious hacker who also had access to the company’s database since December 2023.
In the aftermath, attention turned to NPD’s sister site, an online background check service named recordscheck.net. This site was hosting an archive with usernames and passwords for its admins which were promptly taken down once discovered. Further examination showed the archive contained source code and plaintext usernames and passwords for various sections of recordscheck.net.
It’s alarming to highlight that the exposed archive, titled “members.zip,” revealed users initially had the same six-letter password. Although they were advised to alter it, many did not change these passwords from their default settings.
According to breech tracking service Constella Intelligence, the leaked passwords align with credentials exposed in past data breaches that involved email accounts associated with NPD’s founder, a retired sheriff’s deputy, and actor from Florida, named Salvatore “Sal” Verini.
Following the breach, the database credentials on recordscheck.net were removed, and the site is due to cease operations “in the next week or so,” according to Verini.
Interestingly, an inspection of the leaked source code from recordscheck.net pointed to a web development firm based in Lahore, Pakistan, known as creationnext.com being responsible for the creation of that website.
In the face of adversity, several websites have been created to allow individuals to assess if their social security number and other data were exposed in the breach. These sites, such as npdbreach.com and npd.pentester.com, were launched by Atlas Data Privacy Corp. Although, it’s worth noting the information on NPD appeared to be outdated significantly.
With the unfortunate reality of numerous cybercriminal services offering detailed background checks on consumers including full social security numbers, it’s now advisable that you freeze your credit files at each of the major consumer reporting bureaus. By submitting a freeze, you make it exponentially more difficult for identity thieves to create new accounts in your name and restrict who can view your credit information.
After all, given the recent surge in data breaches we’ve seen involving essential static data points about individuals, the information necessary for identity thieves to impersonate you is now readily available from multiple sources.
As a preventive measure, all Americans are entitled to obtain a free copy of their credit report weekly from each of the three major credit bureaus. Thus, it might be an excellent time to request your files, spot, and dispute any inaccuracies you might find.
To summarize, we must be vigilant about wordpress security, especially in light of breaches like this. It underscores the importance of efforts to restore hacked wordpress sites and implement wordpress malware removal. Application of these measures would undoubtedly prevent a repeat of such unfortunate incidents. Let us learn from these incidents and guard our data fiercely.
Need security services for your WordPress site? Contact DrGlenn for protection and recovery. Order Services Today!.