National Public Data finally confirms it was hit by data breach — and that millions of users are at risk

Billions of records have been leaked

When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.

National Public Data has finally confirmed it suffered a massive data breach that resulted in thetheft and subsequent public leaking of millions of sensitive personal records.

The compromised information leaked includes names, Social Security numbers, email addresses, home addresses, and phone numbers for individuals living in the US, Canada, and the UK.

An estimated 2.9 billion records have reportedly been circulating the dark web since April 2024, highlighting the scale and scope of the breach at thebackground checkservice.

Nearly three billion personal records leaked

National Public Data, which collects public records at various government levels, confirmed that the breach occurred in December 2023, and leaks followed in April 2024.

In a statement (viaThe Register), the company confirmed: “We conducted an investigation and subsequent information has come to light.”

The data, which spans over 30 years and includes address histories and family connections, was stolen by a hacker using the alias SXUL. The data was later passed to another cybercriminal, known as USDoD, to sell, and was initially offered for sale at $3.5 million.

Last week, a threat actor named Fenice released 2.7 billion records from the collection for free.

Are you a pro? Subscribe to our newsletter

Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!

The breach has sparked a class-action lawsuit, with the leaked data still posing significant risks foridentity theftand fraud. Individuals impacted by the breach are being advised to monitor their financial accounts for suspicious activity and be cautious of potential phishing attempts exploiting the leaked information.

Troy Hunt, known for breach notification websiteHaveIBeenPwned.com, highlighted that the leak includes 134 million unique email addresses and 272 million SSNs, with an average age of 70 years for the affected individuals.

While some of the information may be outdated the sheer scale of the breach underscores the critical need for robust protection practices in an increasingly digitally connected world.

More from TechRadar Pro

With several years’ experience freelancing in tech and automotive circles, Craig’s specific interests lie in technology that is designed to better our lives, including AI and ML, productivity aids, and smart fitness. He is also passionate about cars and the decarbonisation of personal transportation. As an avid bargain-hunter, you can be sure that any deal Craig finds is top value!

A new form of macOS malware is being used by devious North Korean hackers

Scammers are using fake copyright infringement claims to hack businesses

This super-cheap HP Victus 15 gaming laptop just dropped to its lowest price yet