You can safely assume that, in one form or another, your personal data has been leaked online. If it wasn’t apparent before, it’s undoubtedly become clear with the revelation that nearly 3 billion Social Security numbers (SSNs) and other sensitive personal information have been leaked onto the dark web in a National Public Data breach.
The breach became publicly understood in August when Bloomberg Law revealed a proposed class action lawsuit against National Public Data, a background-check company. According to Bloomberg Law’s Cassandre Coyer, a cybercriminal group posted a database entitled “National Public Data” on a dark web forum on April 8, 2024. It included the personal data of 2.9 billion people. National Public Data scrapes this data from non-public sources (the victims didn’t provide their data to the company) and includes “Social Security numbers, current and past addresses spanning decades, full names, information about relatives—including some deceased for nearly two decades—and more.”
It’s challenging to know whose information was included in this or other breaches. PC Magazine recommends a few sites that could help pinpoint victims, but it’s not our area to endorse entering information into those searches. Proceed with caution. Since these breaches have become so widespread, it’s best to be vigilant and assume that your personally identifiable information has been or will be exposed in one form or another.
The U.S. Social Security Administration (SSA) offers a list of steps to take if you suspect your SSN has been stolen. They include alerting several authorities, including the Federal Trade Commission (FTC), Internet Crime Complaint Center (IC3), your local police, and at least one of the three major credit bureaus (Equifax, Experian, and TransUnion). Steps to take with the IRS are listed here as well.
Whether you suspect a breach or not, make it a habit to check your credit report at AnnualCreditReport.com and visit your personal my Social Security account regularly to check for suspicious activity. It’s also essential to understand how to avoid preventable breaches (unlike this latest one) and to learn to recognize the warning signs of a breach. The SSA and the FTC list those tips on their websites.
Pay attention to these signs to protect both your identity and your finances. For instance, if the IRS notifies you that more than one tax return was filed in your name or that you have income from an employer you don’t work for, investigate and respond immediately. Your SSN and related data may have been compromised. Plus, “if you use an online application to do your taxes,” the IRS advises, “you can now log in with your username, password and a third personal item like a phone number. Using all three will keep your identity and data safer.” Feel free to contact us with questions.