A major data breach, potentially one of the largest in history, has hit National Public Data, a background check company also known as Jerico Pictures. The breach, affecting an estimated 2.9 billion personal records, has leaked sensitive information such as social security numbers, addresses, full names, and even details about deceased relatives dating back decades. This information was allegedly sold on the dark web for a staggering $3.5 million, according to a class action lawsuit filed against National Public Data. The lawsuit claims that the company scraped data from non-public sources without the knowledge or consent of individuals, making them vulnerable to this massive data breach.
While National Public Data has not officially confirmed the breach, the lawsuit outlines the severity of the situation. The breach, believed to have occurred in April, was first discovered by an identity-theft protection service provider who alerted affected user Christopher Hofmann on or around July 24. The lawsuit accuses National Public Data of negligence, unjust enrichment, and breach of fiduciary duty.
The lawsuit also demands that National Public Data implement several measures to prevent future breaches, including conducting database scanning, segmenting data, using a threat-management system, and hiring a third-party assessor to evaluate its cybersecurity frameworks annually for the next decade. The court has further instructed the company to cleanse the personal data of all affected individuals and encrypt all gathered data from now on.
This breach, if confirmed, could eclipse the 2013 Yahoo data breach, which affected 3 billion users. The scale of the data leak raises serious concerns about the safety and security of personal information in the digital age. Individuals are urged to be cautious and consider using identity-theft protection services to minimize the risk of potential harm.
