Following the major data thefts at AT&T and Ticketmaster this year, another cyberattack has compromised the identities of countless more Americans.
National Public Data, a background check company owned by Jerico Pictures Inc., has been the victim of two cyberattacks this year, the first of which occurred in April, the company said in a statement posted on its website. Note that NPD’s website is blocked in some browsers due to increased security.
The data stolen by hackers includes names, social security numbers, phone numbers, email addresses and mailing addresses, but NPD did not provide any information on how many people were affected by the breaches.
“We have been working with law enforcement and government investigators and have conducted a review of the records that may have been affected. We will attempt to notify you if there are any further developments that may be of interest to you,” NPD said. “We have also implemented additional security measures to prevent such a breach from occurring again and to protect our systems.”
The number of Americans affected could be as high as 2.9 billion, according to a new lawsuit filed in the U.S. District Court for the Southern District of Florida. The lawsuit, which seeks class-action status, says cybercrime group USDoD has put the treasure trove of stolen data up for sale on the dark web for $3.5 million.
NPD’s public statement on the data theft came after nearly two weeks of relative radio silence amid numerous media reports. The plaintiff in the above-mentioned lawsuit, a California resident, said he became aware of NPD’s data theft thanks to a July 24 notification from his identity theft protection service.
National Public Data and Jerico Pictures Inc. did not respond to CNET’s numerous requests for comment.
How to protect your identity after a data breach
Data breaches are becoming more common. According to the Identity Theft Resource Center, there were more than 1,500 data breaches in the first half of 2024, affecting approximately 1 billion people. If you’re concerned about this latest data breach or just want to protect your personal information, there are steps you can take.
Remember, just because your information was compromised in a data breach doesn’t mean your identity was stolen. However, criminals will have a more comprehensive profile of you when they finally target you.
Fortunately, there is a lot you can do to protect your identity.
Change your password
If you receive a notification that your information has been compromised in a data breach, the first thing you should do is change your password for the affected account to prevent unauthorized access. If you use the same password for other accounts, you should update those as well.
A good rule of thumb is to use a different password for each online account. If you have trouble doing this, try keeping your passwords safe with a password manager.
Beware of phishing and smishing attempts
Be wary of targeted phishing and smishing attempts by cybercriminals who are trying to get your personal information. With so much information about us available on the internet and social media, cybercriminals have become savvy enough to develop effective scam methods to dupe their victims.
It is important that you do not click on random links on your phone or in emails, as this may result in malicious software being downloaded onto your devices.
Also, do not carelessly share your bank account information or social security number with anyone, as this may lead to unauthorized access to your bank accounts or even identity theft.
Sign up for identity theft protection
If you’re really worried about identity theft, it may be worth getting identity theft protection. Individual coverage costs between $7 and $15 per month. Family plans are also available.
Services like Aura, CNET’s top pick for identity theft protection, scan the dark web for your personal information and monitor your credit and bank account activity. If your identity is stolen, the best identity theft protection companies will help you recover your identity and provide insurance to cover stolen funds and necessary expenses.
aura
CNET’s choice for best overall identity theft protection
Freeze credit
Freezing your credit with Equifax, Experian, and TransUnion is the best way to prevent scammers from opening new credit accounts in your name. I just frozen my account and found the process surprisingly easy. You’ll have to lift your credit freeze every time you want to apply for a new credit card or car loan, but in our opinion, the pros outweigh the cons.
Keep in mind that cybercriminals can still gain access to your existing credit and bank accounts, so this is not a foolproof solution. However, freezing your credit is free.
Keep an eye on your credit reports
If you don’t want to freeze your credit reports, you can still download one free credit report each week from each of the three major credit bureaus. Be sure to monitor your credit profiles for new accounts you didn’t open. You can download your free credit reports here.
You can also sign up for a credit monitoring service that will alert you when new accounts are opened in your name. Evan Zimmer, editor of CNET Money, recommends Experian’s credit monitoring service, which costs between $0 and $25 per month.
You should also make it a habit to check your bank statements for fraudulent charges.
