Possum Posted September 1 Posted September 1 For those US folks who didn't already know there was a massive theft of numbers. Probably a good idea to freeze credit. https://www.usatoday.com/story/tech/2024/08/17/social-security-hack-national-public-data-confirms/74843810007/ 1 Link to comment Share on other sites More sharing options...
Lee Posted September 1 Posted September 1 Was my Social Security number stolen?’ Answers to common questions on the National Public Data breach Q and A about what could/should be done. Quote A massive data breach by a company named National Public Data could have made billions of personal financial records vulnerable. Many Americans are wondering if they’ve been personally affected and what to do next. Here’s how experts respond to some of the biggest questions on the breach. You may have never heard of National Public Data, yet your personal information may have been compromised in the company’s recent massive data breach. The background check company, which is owned by Jerico Pictures Inc., recently released details of the breach after a proposed class action lawsuit alleged 2.9 billion personal records may have been exposed. Other reports suggest the amount of records leaked may have been more than 2.7 billion. In an official data breach notice filed in Maine, National Public Data indicated 1.3 million records may have been breached, said James E. Lee, chief operating officer at Identity Theft Resource Center, a non-profit organization focused on mitigating risks of identity breaches and theft. “It is entirely possible that it is that low; it’s also entirely possible it’s higher,” Lee said of the number of people affected. The information breached may have included Social Security numbers, names, email addresses, phone numbers and mailing addresses, National Public Data states on its website. A third-party bad actor may have hacked into the data in December, with potential leaks of the information in April and over this summer, the company said on its website. National Public Data did not return a request for comment by press time. As cyber professionals dig into the breached data, they’re finding that not all of it is accurate and much of the information was already available. “The reality is there’s nothing new in this data,” Lee said. Still, experts say news of the breach is a great reminder to take steps to protect your personal information. Here’s a roundup of answers to common consumers are asking now. Can you be affected even if you’ve never heard of National Public Data? Yes. National Public Data is a background check company that provides information either through legitimate sources or by scraping it off the web, Lee said. Because the data is collected more casually, it can be gathered without consumers’ permission and outside of certain regulations. As a result, it may be inaccurate or outdated, he said. Certain information, such as when you buy a house or pay property taxes, technically is public record, said Cliff Steinhauer, director of information security and engagement at The National Cybersecurity Alliance, a nonprofit focused on cybersecurity awareness and education. Companies can collect and aggregate that publicly available data to gather a picture of who someone is, he said. “You have varying levels of companies’ ability to protect the data that they’re collecting, and they may not fall under any regulation to do so because it’s like public data to begin with,” Steinhauer said. Identity theft is where bad actors are focusing their attention, says CyberArk CEO Is there a way to know if your Social Security number has been affected? Certain cyber groups have set up websites to enable individuals to search to see if their personal data was affected by the breach, Lee said. One site — NPDBreach.com — allows for a search by full name and zip code, Social Security number or phone number. Another site — NPD.pentester.com — allows for search based on first name, last name, state and birth year. “I certainly don’t recommend anybody enter their Social Security number” in the sites, Lee said. By entering your name, you may get a sense of what information, if any, has been shared. The good news is most people are finding information that has been leaked is inaccurate, Lee said. What is the best way to protect your personal information? If you find you’re included in the breach, the steps you should take are not necessarily new. “There’s nothing additional you should do that you haven’t hopefully have already done, or you know now to do,” Lee said. Freezing your credit should be at the top of that list. Be sure to submit requests to each of the three major credit bureaus — Equifax, Experian and TransUnion. Get this delivered to your inbox, and more info about about our products and services. By signing up for newsletters, you are agreeing to our Terms of Use and Privacy Policy. A freeze will help block access to your records by bad actors. However, keep in mind you will need to either temporarily or permanently unfreeze your credit if you want to apply for a new credit card or auto loan, for example. As you freeze your credit, be extra vigilant that you are on the legitimate websites of the credit bureaus, and not look-alike sites aimed at stealing your personal information. Additionally, you should change all your passwords, particularly if you have repeated passwords among multiple websites. Ideally, you should enable multi-factor authentication for personal websites to help keep your financial data secure. Also, never share your personal information while using public internet. Is it worthwhile to pay for extra protection? In addition to freezing your credit, there are ways to purchase additional protection. Sites like National Public Data may allow for individuals to opt out of being included in their data collections. However, because there are so many data brokers, it can be time consuming for consumers to contact each one, Steinhauer said. To help, consumers can pay for a data broker removal service that will contact the websites on their behalf. Additionally, identity theft monitoring tools will let you know if someone tries to open an account using your personal information. Dark web monitoring services can let you know if your information was found in a data breach that was published on the dark web. Can you be entitled to money damages if you’re affected by the breach? While legal organizations may tout the idea that money damages may be available to people affected by the breach, any sums that are eventually paid likely won’t be meaningful, Lee said. “You’re not going to get a lot of money,” Lee said. After the 2017 Equifax breach affecting more than 147 million consumers, for example, people reported receiving lawsuit payouts in late 2022 of less than $3 in some cases, while other said they got around $40. The goal of the solicitations is often to build a multi-state, multi-jurisdiction class action lawsuit, which may consolidate multiple lawsuits. However, they will need to prove actual harm came from this specific data breach, Lee said. Because there have been so many data breaches, it can be difficult to tie a specific piece of data to this one event, he said. https://www.cnbc.com/2024/08/23/was-my-social-security-number-stolen-national-public-data-breach-questions.html Link to comment Share on other sites More sharing options...
earthdome Posted September 1 Posted September 1 Yes, more than once. And I still have my original social security card which states it should not be used for identification. Sigh. Years ago my state by default used your ssn for youf DL. But you could object. When I did that the DMV clerk loudly said "We have another objector" When I got my first cell phone they wanted my ssn for credit check. I said no and replied that if they wanted my business they would need to find a way without my ssn. I got my phone. Another time the cell phone company gave a paper to sign saying I agreed to their terms of service. I asked to see them and stated I never sign without reading the contract, all of it. They almost kicked me out of the store. I always refuse except for banks and financial accounts where they will not open an account without it. My point here is that I try to push back at this crap as often as I can by being nice but firm. 3 1 Link to comment Share on other sites More sharing options...
OnMyWay Posted September 1 Posted September 1 3 hours ago, Possum said: For those US folks who didn't already know there was a massive theft of numbers. Probably a good idea to freeze credit. https://www.usatoday.com/story/tech/2024/08/17/social-security-hack-national-public-data-confirms/74843810007/ Thanks for the reminder. I will freeze my credit. No need for it now anyway as I will not be opening any accounts. This also reminded me that I have some errors in my credit report that were probably caused by someone trying to open credit with my SSN. I have known that for a long time but never did anything about it because they are not impacting negatively. 1 Link to comment Share on other sites More sharing options...
JJReyes Posted September 1 Posted September 1 7 hours ago, Possum said: For those US folks who didn't already know there was a massive theft of numbers. Probably a good idea to freeze credit. I would suggest freezing your debit card because, thieves can withdraw the entire amount in your bank account. While restitution is possible, this process could take months. In the meantime, no funds. Under US law, the liability amount for credit cards is usually $50. More often, the bank won't even charge their customers this amount. They will send you a new card with a different number and you reset the pin number. 1 Link to comment Share on other sites More sharing options...
earthdome Posted September 1 Posted September 1 17 minutes ago, JJReyes said: I would suggest freezing your debit card because, thieves can withdraw the entire amount in your bank account. While restitution is possible, this process could take months. In the meantime, no funds. Under US law, the liability amount for credit cards is usually $50. More often, the bank won't even charge their customers this amount. They will send you a new card with a different number and you reset the pin number. What was meant by freeze is to prevent identity theives from using your information to create new accounts. Then run up the card but you get the bill. You do this by going to the three big credit data brokers Transunion, Equifax and Experian and putting a freeze on new accounts. Of course you need to maintain good security for your already existing accounts. Here are some tips. https://www.finra.org/investors/insights/cyber-safe-financial-accounts 1 Link to comment Share on other sites More sharing options...
MikeB Posted September 2 Posted September 2 On 9/1/2024 at 2:06 AM, Possum said: Probably a good idea to freeze credit. Agreed. No good reason not to unless you're applying for credit. I locked all ours after the last "massive theft". 2 Link to comment Share on other sites More sharing options...
OnMyWay Posted September 3 Posted September 3 23 hours ago, MikeB said: Agreed. No good reason not to unless you're applying for credit. I locked all ours after the last "massive theft". Has anyone successfully locked their credit using the online tools the 3 credit agencies have? From the Philippines? I tried two and was told I have to call. Link to comment Share on other sites More sharing options...
earthdome Posted September 3 Posted September 3 5 hours ago, OnMyWay said: Has anyone successfully locked their credit using the online tools the 3 credit agencies have? From the Philippines? I tried two and was told I have to call. Did you try a vpn? If you use CapitalOne they track your credit rating and will show you any requests reported by the three agencies. Not as good as a freeze but could help you detect identity theft to open fraudulent financial account or loan. Link to comment Share on other sites More sharing options...
OnMyWay Posted September 3 Posted September 3 1 hour ago, earthdome said: Did you try a vpn? If you use CapitalOne they track your credit rating and will show you any requests reported by the three agencies. Not as good as a freeze but could help you detect identity theft to open fraudulent financial account or loan. Yes, I did try with vpn. I think it might be something to do with the Google voice phone number I am using. I do have Capone. Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now