After a data protection company confirmed that numerous Social Security numbers were hacked, several websites have appeared this week allowing people to check if they’ve been compromised in the data breach.
The plaintiff, listed as Christopher Hoffman on behalf of others affected, has accused National Public Data of failing to “properly secure and safeguard the personally identifiable information that it collected and maintained as part of its regular business practices.”
National Public Data, in a letter and in an online statement, confirmed a data breach, although it did not say that 2.9 billion records were compromised. In a filing with the Maine Attorney General’s office, the firm said that 1.3 million people were potentially exposed.
“The incident is believed to have involved a third-party bad actor that was trying to hack into data in late December 2023, with potential leaks of certain data in April 2024 and summer 2024,” stated the letter from National Public Data, a background check company.
It further confirmed that personal information such as Social Security numbers, mailing addresses, email addresses, names, phone numbers, and other data were compromised in the incident.
How to Check
Since details of the incident surfaced this month, at least two third-party websites have been established to tell whether one’s Social Security number has been compromised in the breach.A spokesman for the company, Richard Glaser, told The Epoch Times on Friday that “this data was originally for sale months ago” on the dark web.
“We are displaying a redacted version for people to know if they were affected, and if so, is the information correct that was shown about them. Many times it is not. Also, we do not store their searches on npd.pentester.com,” he said.
He also urged people whose Social Security numbers have been compromised to “protect themselves” and “be prepared” for future data breaches, adding that some websites have appeared in the wake of the data breach that may be scams.
“Use a trusted source such as pentester.com where we display information about our company and give real advice on next steps. There are some other ‘fully redacted’ sites out there storing data, compiling lists, and don’t even have a service in place. Be careful where you search. We are transparent about who exactly we are,” Glaser stated.
That site allows a person to search via his or her first name, last name, and ZIP code. Or, it allows one to search using his or her Social Security number or phone number.
“To help keep you anonymous, your search query is hashed locally and then sent to our servers to search against the NationalPublicData.com. We do not store any search data,” the site states.
The site also highlights on the page that some media outlets have made reference to it.