Background Data Company Suffers Massive Data Breach
Almost three billion personal data records have been stolen from a background check company. The massive breach has unintentionally proven the value of data opt-out laws.
The people who stole the data had put it up for sale to other criminals for $3.5 million, but it seems they didn't find a buyer. They are reportedly now planning to release the data publicly.
That might seem an odd move given its supposed value, but it's likely part of a long game. It means that if the same group steal data in the future, they would be able to blackmail the business with more credibility.
The data is said to be from National Public Data, a Florida-based background check company. It mainly operates by letting third parties access its database to look up records. The company has not commented publicly on the case. (Source: theregister.com)
Social Security Numbers Leaked
The database is 277.1GB and contains records on an unknown number of people who live or have lived in the United States. It's said to include names, address history over the past three records, social security numbers, and details of close relatives. (Source: x.com)
The group who tried to sell the data appears to be the same one that previously offered financial information about TransUnion customers. The group appears to be acting as a go-between on behalf of the people who actually stole the data.
Opt-Out Worked
One element of good news is that the list doesn't contain any data from people who exercised data opt out laws, suggesting that data handling businesses are respecting the laws.
Several US states have rules that mean citizens can opt out of having businesses sell their personal data. The states include California, Colorado, Connecticut and Virginia. Usually the businesses must have a dedicated web page with details of how to exercise this right, usually by completing a form.
What's Your Opinion?
Are you surprised the thieves are planning to release the data? Have you ever exercised data opt-out rights? Do companies handling data need tougher regulation to make sure they maintain security?
My name is Dennis Faas and I am a senior systems administrator and IT technical analyst specializing in cyber crimes (sextortion / blackmail / tech support scams) with over 20 years experience; I also run this website! If you need technical assistance , I can help. Click here to email me now; optionally, you can review my resume here. You can also read how I can fix your computer over the Internet (also includes user reviews).
We are BBB Accredited
We are BBB accredited (A+ rating), celebrating 21 years of excellence! Click to view our rating on the BBB.
Comments
I always OPT-Out of anything I can
I always OPT-Out of anything I can, so I should NOT be one of the effected.
Do what I do, pick a fake birthday and use that everywhere. Wrong day, wrong month, wrong year. If Kids ever do social media, have them also pick a fake birthday and a fake name/alias identity. Use the name of someone you dislike, LOL.
Opt in/out
Maybe someday when the pols stop receiving lobby money they will change the world to Opt IN.
My data is mine unless I give it to you.
I love it when I find my stuff encumbered with all sorts of incorrect information.
The latest are real estate agents wanting to buy my property - that I have never owned.