In the first week of August this year, a hacker released a dataset containing personal information of Americans from the servers of National Public Data, an organization providing background check services to businesses. By the third week of the month, the same hacker published another data dump, revealing approximately 2.7 billion records. This dataset included social security numbers, names, mailing addresses, and names of relatives, potentially setting the stage for future phishing attacks.

Initial investigations suggest that the hacker, identified as USDoD, was responsible for breaching data belonging to citizens from the US, UK, and Canada. It is believed that this information was obtained after paying a substantial amount to another threat actor known as SXuL.

While there is no conclusive evidence linking the attack to Russian hackers, it is notable that USDoD is the same individual who previously infiltrated CrowdStrike’s servers and attempted to breach Microsoft servers. This latter attack caused significant disruptions, including issues with Windows 10 and 11 due to a bug in CrowdStrike Falcon sensors.

Attacks on software firms and technology infrastructure have become lucrative for threat actors. Victims often feel compelled to pay ransoms because their data is crucial to their operations. Such data frequently sells quickly on the dark web, where it is highly sought after by criminals looking to profit through cryptocurrency.

The FBI and other organizations like CISA advise ransomware victims against paying ransoms, as doing so encourages further criminal activity. It has been observed that attackers often return to target the same network multiple times within a year. Therefore, it is recommended to report data breaches to the SEC and the FBI and follow their guidance for handling such incidents.

The post National Public Data Leaks Social Security Numbers of about 2.7 billion populaces appeared first on Cybersecurity Insiders.