Alleged Security Breach May Have Exposed 3 Billion People’s Personal Data

Micah Hanks·

hacking

Welcome to this week’s Intelligence Brief… recently, security experts have warned about an alleged breach earlier this year that may have exposed sensitive personal information collected from billions of individuals. In our analysis, we’ll be looking at 1) how we learned that hackers may have stolen personal identifying information from close to 3 billion individuals, 2) what details are known about what may be one of history’s largest security breaches, and 3) what’s next as a class action lawsuit has been filed involving the company linked to the breach.

Quote of the Week

“A breach alone is not a disaster, but mishandling it is.”

— Serene Davis

Latest News: In recent articles at The Debrief, researchers think they may have finally solved the 47-year-old mystery of the famous “Wow! Signal.” Meanwhile, evidence of genetic behavior in organisms that researchers liken to “alien biology” suggests similar strange genes may even exist in humans. Also, new study casts doubt on the likelihood of humanity discovering technologically advanced alien civilizations. You’ll find links to all our recent stories at the end of this week’s newsletter. 

Podcasts: In podcasts this week, over on The Micah Hanks Program we get a status report from the case files of the newly launched UAP Sightings Reporting System (UAPSRS). Meanwhile, in advance of the return of The Debrief Weekly Report from its summer break, you can catch up on past episodes over on The Debrief’s Podcasts Page.

Video News: On the latest episode of Rebelliously Curious, Chrissy Newton is joined by Joshua Pierson, a seasoned US Army Chief Warrant Officer with 24 years of experience in intelligence, who delves into the fundamentals of counterintelligence and the importance of structured analytic techniques in understanding UAPs. Be sure to check out other great content from The Debrief on our official YouTube Channel.

With that out of the way, it’s time to examine the recent claims involving an alleged security breach that may have exposed the personal information of billions of individuals.

Shock Claim: Hackers Steal Data From 3 Billion People

An alleged data breach earlier this year may have exposed the personal information of nearly 3 billion people, resulting in what could be one of the most significant data breaches ever.

According to a class action lawsuit filed in Florida, Jerico Pictures Inc., operating as National Public Data, was the target of a massive data breach that exposed billions of people’s personal information several months ago. The cybercriminal group USDoD reportedly executed the breach, which posted a database on the dark web allegedly containing the stolen information for a sale price of $3.5 million.

hackers

According to the complaint, National Public Data has not yet notified individuals who may have been affected or provided any other form of public notification. If confirmed, the breach could exceed the 2013 Yahoo! breach, which also compromised the data of approximately 3 billion individuals.

One of History’s Largest Data Breaches?

On April 8, 2024, a cybercriminal hacking group operating under the name USDoD posted a database titled “National Public Data” on a dark web forum. The database, which was reported to have cost $3.5 million, allegedly contained the personal information of 2.9 billion individuals in the United States, Canada, and the United Kingdom.

National Public Data, a background check company, obtains information by scraping data from sources not readily available to the public. According to the recent lawsuit filed in the US District Court for the Southern District of Florida, personal identifying information belonging to billions of people—which may include sensitive data like Social Security Numbers—could have been leaked.

Ultrasonic Acoustic Attack

The plaintiff named in the lawsuit, California resident Christopher Hofmann, reportedly learned of the breach late in July after receiving a notification from an identity theft protection service he uses. It is unclear how many others may have been notified about the alleged theft, which, if confirmed, likely involves a large number of individuals who would have had no way of knowing that their personal information had been collected and put at risk.

Hofmann accuses National Public Data of negligence, unjust enrichment, and breach of fiduciary duty, among other allegations outlined in the lawsuit, which was reported by Bloomberg Law.

What’s Next?

Right now, Hofmann is pursuing a court order that would essentially mean that National Public Data will be required to take action, which may include purging the reportedly compromised data and ensuring that data the company collects in the future is handled safely. The lawsuit also aims to ensure that a third-party assessor is assigned to monitor the company’s cybersecurity operations with annual evaluations over the next decade.

Understandably, the incident has caused concerns among several experts, who see the alleged breach as potentially far more significant than past hacking incidents. Teresa Murray, director of the U.S. Public Information Research Group, told the Los Angeles Times that the incident is “much more concerning” than earlier breaches, warning that consumers should take more precautions as such incidents are on the rise.

National Public Data has not yet issued a public statement regarding the allegations, nor has it provided warnings to any potentially affected individuals.

That concludes this week’s installment of The Intelligence Brief. You can read past editions of The Intelligence Brief at our website, or if you found this installment online, don’t forget to subscribe and get future email editions from us here. Also, if you have a tip or other information you’d like to send along directly to me, you can email me at micah [@] thedebrief [dot] org, or Tweet at me @MicahHanks.

Here are the top stories we’re covering right now…