•  

    Welcome! You are currently logged out of the forum. Some forum content will be hidden from you if you remain logged out. If you want to view all content, please LOG IN!

    If you are not an MOA member, why not take the time to join the club, so you can enjoy posting on the forum, the BMW Owners News magazine, and all of the benefits of membership? If you click here, you have the opportunity to take us for a test ride at our expense. Enter the code 'FORUM25' in the activation code box to try the first year of the MOA on us!

     

Here we go again. Another MASSIVE DATA BREACH.

omega man

omega man

Fortis Fortuna Adiuvat
Staff member

Hackers may have stolen the Social Security numbers of many Americans. Here's what to know.​

A new lawsuit is claiming hackers have gained access to the personal information of "billions of individuals," including their Social Security numbers, current and past addresses and the names of siblings and parents — personal data that could allow fraudsters to infiltrate financial accounts or take out loans in their names.

The allegation arose in a lawsuit filed earlier this month by Christopher Hofmann, a California resident who claims his identity theft protection service alerted him that his personal information had been leaked to the dark web by the "nationalpublicdata.com" breach. The lawsuit was earlier reported by Bloomberg Law.

The breach allegedly occurred around April 2024, with a hacker group called USDoD exfiltrating the unencrypted personal information of billions of individuals from a company called National Public Data (NPD), a background check company, according to the lawsuit. Earlier this month, a hacker leaked a version of the stolen NPD data for free on a hacking forum, tech site Bleeping Computer reported.

That hacker claimed the stolen files include 2.7 billion records, with each listing a person's full name, address, date of birth, Social Security number and phone number, Bleeping Computer said. While it's unclear how many people that includes, it's likely "that everyone with a Social Security number was impacted," said Cliff Steinhauer, director of information security and engagement at The National Cybersecurity Alliance, a nonprofit that promotes online safety.

Full story here and it would seem many other sources-

www.cbsnews.com

Hackers may have stolen the Social Security numbers of many Americans. Here's what to know.

Lawsuit claims hackers accessed "billions" of records, including Social Security numbers, by breaching background check company.
www.cbsnews.com www.cbsnews.com

OM
 
PGlaves said:
If any company that had its data leaked had to pay $10,000 to every person whose data was stolen they would better secure the data or not collect and store it at all in an identifiable manner. Failures should have consequences.
Click to expand...
I think a fine is a great place to start and full restitution to those whose identity is stolen.
 
Pentester.com now has a search tool up that will let one search the compromised NPD data to see if your info is contained in the breach.

NPD Breach Check - Pentester.com

npd.pentester.com npd.pentester.com

The site also includes links to the three credit bureaus where a credit freeze can be added.

Like everyone, I am mad as hell at the hackers responsible for this. But I am more angry with all the business entities we routinely deal with who refuse to provide services unless we give them a SS number, then they hold that data on net-connected servers that can be breached. That’s banks, utility companies, cell service providers, etc. etc. etc. Then when a breach occurs, they take the cheap approach out by just providing a year’s worth of supposed net monitoring to see if your data is out there or being used, and putting the onus for dealing with the problems on the backs of consumers: credit freezes, ongoing and more extensive monitoring, etc. It’s long past time to ban the use of SS numbers for routine services like utilities and cell providers and such, and put full fiscal responsibility for protecting SS data on those few business areas that may have legitimate need to hold that data (banks, investment services, etc where tax implications arise).

Best,
DeVern
 
52184 said:
Pentester.com now has a search tool up that will let one search the compromised NPD data to see if your info is contained in the breach.

NPD Breach Check - Pentester.com

npd.pentester.com npd.pentester.com

The site also includes links to the three credit bureaus where a credit freeze can be added.

Like everyone, I am mad as hell at the hackers responsible for this. But I am more angry with all the business entities we routinely deal with who refuse to provide services unless we give them a SS number, then they hold that data on net-connected servers that can be breached. That’s banks, utility companies, cell service providers, etc. etc. etc. Then when a breach occurs, they take the cheap approach out by just providing a year’s worth of supposed net monitoring to see if your data is out there or being used, and putting the onus for dealing with the problems on the backs of consumers: credit freezes, ongoing and more extensive monitoring, etc. It’s long past time to ban the use of SS numbers for routine services like utilities and cell providers and such, and put full fiscal responsibility for protecting SS data on those few business areas that may have legitimate need to hold that data (banks, investment services, etc where tax implications arise).

Best,
DeVern
Click to expand...
Which is why I say there should be a fine/and payment for every identity stolen - whether it is shown that the person is harmed or not. If there is a several thousand dollar penalty for each identity stolen the information would be better protected or anonymized. As it is it is cheaper to dodge responsibility than it is to protect information. I'd recommend a $10,000 fine plus a $10,000 payment to the person whose Identity is compromised as a good start.

I am reminded of the Ford Motor Company cost-benefit analysis that concluded it was lest costly - more profitable - to pay any damage claims for the fire exuberant Ford Pinto than to fix the problem.
 
Last edited:
It would seem that those extending credit should be held, or at least share, responsibility for not properly vetting a person applying for credit?
OM
 
You must log in or register to reply here.

Similar threads

mikegalbicka
PSA - USAA hack and security issues 2023/2024
Replies
0
Views
3K
mikegalbicka
mikegalbicka
bigjohnsd
118th Congress - H.R. 906 - Motor Vehicle - Right to Repair!
2
Replies
27
Views
5K
motorhead1977
M
omega man
Giant Equifax data breach- 143 million people could be affected
2 3
Replies
45
Views
22K
exgman
exgman
mika
Morning Reads: Saturday, 11 April 2008
Replies
9
Views
6K
mika
mika
Back
Top