Contents
The USDoD Hack: What Happened?
The lawsuit claims that on April 8, the USDoD posted a database called “National Public Data” on the dark web, offering records for approximately 2.9 billion individuals for a purchase price of $3.5 million. However, as mentioned earlier, the file was leaked for free on a hacker forum.
Impact of the Breach: How Many People Were Affected?
The exact number of individuals affected by the breach remains uncertain. While the lawsuit claims that “billions of individuals” had their data stolen, the total population of the U.S. is only about 330 million. This discrepancy suggests that the number of affected individuals could be lower than initially reported. Additionally, the data may include the personal information of deceased individuals, further complicating the scope of the breach.
Bleeping Computer reports that the hacked data involves 2.7 billion records, with individuals possibly having multiple records in the database. For instance, one person might have separate records for each address they’ve lived at, which means the number of impacted individuals could be far lower than the lawsuit claims. The data also appears to date back at least three decades, according to law firm Schubert Jonckheer & Kolbe, who investigated the breach.
How to Find Out if Your Data Was Compromised
For those concerned about whether their data was part of the hack, tools are available to monitor what information about them is available on the dark web. Michael Blair, managing director of cybersecurity firm NukuDo, advises consumers to use reputable companies to check for breaches. These tools can help identify if your addresses, passwords, and email have been exposed.
Hofmann, the plaintiff in the lawsuit, discovered his information was leaked as part of the NPD breach through such a service.
Protecting Your Information: Steps You Should Take
Security experts strongly recommend that consumers immediately protect their personal information. One of the most important steps is to freeze your credit files at the three major credit bureaus: Experian, Equifax, and TransUnion. Freezing your credit is free and will prevent bad actors from taking out loans or opening credit cards in your name.
“The biggest thing is to freeze your credit report so it can’t be used to open new accounts in your name and commit other fraud,” Steinhauer advised.
Additionally, Steinhauer suggests several other steps to secure your data and finances:
- Ensure that your passwords are at least 16 characters long and complex.
- Use a password manager to store these long, complex passwords securely.
- Enable multifactor authentication, which adds an extra layer of security beyond just a password.
- Be vigilant against phishing and other scams; scammers often try to create a sense of urgency to manipulate their victims.
- Keep your security software updated on your computer and other devices, including downloading the latest security updates from Microsoft or Apple.
- Consider using a tracking service to alert you if your data appears on the dark web.
“You should assume you have been compromised and act accordingly,” Steinhauer cautioned.
Final Thoughts
In the wake of this massive breach, taking proactive steps to protect your personal information is crucial. With billions of records potentially exposed, the threat of identity theft and other forms of fraud looms large. Following the recommended security measures can help safeguard your data and minimize the risks associated with this breach.
