Table of Contents
By now, you’ve probably heard about a massive data breach that compromised the Social Security numbers and other data of millions of Americans and could now be in the hands of hackers.
The cache of data is made up of 2.9 billion records including names, addresses, Social Security numbers and relatives dating back at least three decades, according to law firm Schubert, Jonckheer & Kolbe.
The San Francisco firm has filed a class-action lawsuit against National Public Data, which aggregates data to offer background searches. The lawsuit alleges that the company did not adequately protect the information, allowing it to be stolen and offered for sale on the dark web.
Start the day smarter. Get all the news you need in your inbox each morning.
People “now face years of constant surveillance of their financial and personal records, monitoring, and loss of rights,” because of the breach, according to the the complaint, filed in U.S. District Court in Fort Lauderdale, Florida, and first reported on by Bloomberg Law.
A banner year for data breaches: Cybersecurity expert shows how to protect your privacy
How did this massive data breach happen?
According to the suit, cybercriminal group USDoD accessed the network of National Public Data (also known as Jerico Pictures, Inc., of Coral Springs, Florida) and stole unencrypted personal information. Around April 8, 2024, the group posted a database on the dark web, claiming it contained information on about 2.9 billion people and putting it up for sale at $3.5 million.
The plaintiff in the case, Christopher Hofmann of Fremont, California, was notified by an identity theft protection service that his data had been compromised and found on the dark web as a result of the data breach.
Should I freeze my credit?
If you are concerned about the integrity of your credit because your personal information may have been stolen, you can place a freeze on your credit reports as a way to protect against unauthorized borrowing.
This credit freeze, also sometimes called a security freeze, prevents creditors from accessing your credit report, according to the U.S. General Services Administration.
“Everyone should consider freezing their credit report with each major credit bureau because it’s free and it will prevent unauthorized individuals from opening credit cards or taking out loans in your name,” Odysseas Papadimitriou, the CEO of personal finance site WalletHub, told USA TODAY.
A good reason to freeze your credit? If your Social Security number wasn’t in the National Public Data breach, “it probably was in a previous breach or will be soon,” Papadimitriou said. “The sad reality is that our personal information is out there. Savvy consumers simply need to make sure they are tough targets for fraudsters with stolen personal information.”
Freezing your credit is a good place to start, he said. Once a credit freeze is started, you will need to lift it should you want to create new accounts yourself, perhaps to buy a home or car or get a new credit card.
“It’s easy to lift the freeze when you actually want to apply for a financial product yourself,” Papadimitriou said.
©VALERY HACHE, AFP via Getty Images
August 14, 2024: This photograph shows lightning striking over the French Riviera city of Nice, Southerneast France.
How to freeze your credit
It’s free to have your credit report frozen. But you must contact all three major credit reporting agencies:
You can submit your request online, by phone, or by mail. Agencies must freeze your credit report within one day when you submit it online or by phone, according to the General Services Administration. Freeze requests sent by mail must be enacted within three business days. Agencies must lift the freeze within an hour if you request it be unfrozen online or by phone, and within three business days by mail.
Get unlimited digital access to USA TODAY and premium Sports+ storiesOne month freeGet it now
Identity protection: How and why to freeze your credit
Other steps to protect your identity in wake of breaches
- Stronger passwords: Make your passwords stronger “by using unique, complex combinations of letters, numbers, and symbols,” said Adrianus Warmenhoven, a cybersecurity expert at NordVPN, in a breach advisory sent to USA TODAY. “Remember, never use the same password for multiple accounts.” He also recommends a reputable password manager to securely store these stronger passwords.
- Two-factor authentication: Always opt to use two-factor authentication, in which you answer a text, email or push notification to log into your account. They can “add an extra layer of security to your accounts,” Warmenhoven said.
- Check your statements and credit reports: “In the wake of this breach, it’s important to stay vigilant by regularly monitoring your credit reports, bank statements, and online accounts for any suspicious activity,” he said.
- Be wary of scams. You may get more phony solicitations via email, phone and text – “phishing” attempts to get your information. “If you notice an increase in unsolicited calls and emails asking for personal information, remember: Only respond if you have expressly requested to be contacted,” Papadimitriou said.
- Consider identity protection and more: With security breaches becoming commonplace, you may want to consider premium identity protection features, Papadimitriou said. WalletHub Premium does provide identity protection and monitoring starting at $6.49 per month; its Premium+ plan ($11.99 monthly) also provides bank account monitoring.
Free identity protection measures can only provide limited security, he said.”Taking steps like freezing your credit, changing your passwords regularly, and signing up for bank account and credit monitoring makes it harder for criminals to put stolen info to use,” Papadimitriou said.
“Just like we’re all coming to terms with the fact that our personal information is out there, we need to accept that we will fall victim to identity theft at some point,” he said. “Having identity theft insurance and restoration services is therefore just as important as having car insurance nowadays.”
Follow Mike Snider on X and Threads: @mikesnider & mikegsnider.
What’s everyone talking about? Sign up for our trending newsletter to get the latest news of the day
This article originally appeared on USA TODAY: Why you should be worried about massive National Public Data breach and what to do.