2.9 Billion Social Security Number Breach: What to Know

August 16, 2024

2024’s social security number breach compromised 2.9 billion records, including SSNs and other personally identifiable information (PII). Here’s what you should know.

A hacker group named USDoD stole 2.9 billion records, primarily affecting citizens of the US, Canada, and UK, from the vaguely named National Public Database (NPD). NPD is a subsidiary of Jerico Pictures Inc. and primarily operates as a background check company. This is the biggest Social Security number breach incident in recorded history.

On April 8th, 2024, a cybersecurity firm, HackManac, posted a tweet that this data was for sale on the dark web with an asking price of $3.5M.

[Image: 2.9 Billion Social Security Number Breach. Image source: HackManac tweet]

On August 1st, 2024, Christopher Hofmann filed a lawsuit against Jerico Pictures Inc., claiming that on July 24, 2024, he was informed by his identity theft protection service that his personally identifiable information (PII) had been compromised due to the breach at "nationalpublicdata.com" and had been discovered on the dark web.

According to BleepingComputer, a threat actor known as "Fenice" released the most comprehensive version of the stolen NPD information for free on the Breached hacking forum, on August 6th. The leaked data includes:

  • full names

  • current and past addresses

  • Social Security numbers

  • information about family members (including some who have been deceased for nearly 20 years)

  • other personal information (collectively defined herein as “PII”)

The lawsuit accuses NPD of failing to protect sensitive personal information and failing to notify affected individuals, leaving millions vulnerable to identity theft.

Why Does the National Public Database (NPD) Have So Much Data? 

The National Public Database (NPD) is a company that specializes in providing background checks and data services to businesses, including employers, private investigators, and other entities that require detailed personal information. 

NPD has access to a vast amount of data because it aggregates information from numerous public records, including federal, state, and local government sources. These records encompass a wide range of data, such as:

  • criminal records 

  • property filings 

  • motor vehicle records

  • marriage certificates

By collecting and compiling this publicly available information, NPD can offer comprehensive reports on individuals, which are often used for employment background checks, tenant screenings, and other purposes. 

However, as we’ve seen in the Snowflake breach, any database, especially one filled with extensive personal data, makes its owner (in this case NPD) a prime target for cyberattacks. Breaches at this scale are likely to keep occurring as hackers continue to find security vulnerabilities that turn into massive paydays.

Implications of This Social Security Number Breach

According to CBS News, everyone with a Social Security number was impacted by this breach. The implications, therefore, are far reaching, and perhaps we will never fully know the collateral damage of a breach this size. 

We suspect that this stolen data could fuel a significant surge in identity theft, with criminals potentially using the information to:

  • open fraudulent accounts 

  • apply for loans

  • engage in other forms of financial fraud. 

As an individual, the most effective step you can take is to freeze your credit records with major credit bureaus like Experian, Equifax, and TransUnion. We recommend going directly to their websites to see what resources they may be providing as a result of this data breach.

As a developer, the best step you can take is to limit your attack surface now, and prevent breaches even before they happen!

Caution: A credit freeze doesn't just prevent unauthorized access; it can also affect legitimate applications. For instance, if you're applying for a new credit card or auto loan, your application may be denied unless you temporarily lift the freeze on your credit.

Why Did This Happen?

The exact attack vector and circumstances surrounding the breach are still not publicly available, and we will update this article when information comes out.

How Pomerium Helps Prevent Data Breaches 

Pomerium provides zero-trust security software that helps prevent cyberattacks, data leaks, and unauthorized application access by checking every action for authentication, authorization, and context before allowing or denying it. By continually verifying user access, Pomerium helps to solve the perimeter problem. This means that even if a hacker gets hold of credentials or breaches your network, your data and applications are still protected by Pomerium’s identity and context-aware security measures.

Data leaks can place a fatal financial burden on organizations and financial institutions, threatening their survival. According to Schubert Jonckheer & Kolbe LLP, every individual affected in this breach is entitled to monetary compensation from the National Public Database, if (and when) it is proven guilty of negligence.

That's why it is essential to use solutions like Pomerium to protect your organization from data breaches. It is an advanced and more sophisticated corporate VPN alternative for secure data access for teams, providing a robust security posture to mitigate data leaks.
