How to Determine if Your Social Security Number Was Compromised in the Data Breach
Billions of personal information records were potentially exposed in April after a hacking group gained access to records from the background check service National Public Data (NPD), leading to warnings from cybersecurity experts. NPD confirmed this week that a security incident within their company resulted in a leak of personal information, including social security numbers for millions of people.
, NPD cautioned that the “the information that was suspected of being breached contained name, email address, phone number, social security number, and mailing address(es).” They recommended the public to take a number of steps to safeguard their identities, including freezing their credit and putting fraud alerts on their files at major credit bureaus.
The breach came to public awareness after a class-action lawsuit was filed August 1 in U.S. District Court in Florida, which was first reported by .
National Public Data did not disclose the exact number of people affected, but hackers, identified as part of the hacking group USDoD, have been offering for sale what they claimed were billions of NPD records since April, although “security researchers who looked at the trove said some of the claims were exaggerated.”
According to David Brumley, a professor of electrical and computer engineering at Carnegie Mellon University, these breaches will become more prevalent with data centralization.
“We are not talking about a startup here,” Brumley said. “Looking forward, we have to have higher standards for the custodians of our data.”
Here is how you can check if your social security has been compromised by the breach and what to do to protect your information.
How to check if your social security information has been compromised
NPD has not directly notified specific individuals whose data may have been compromised. In their statement, they state they are collaborating with law enforcement to examine affected records and “will try to notify you if there are further significant developments applicable to you.”
Cybersecurity firm compiled a free database after the breach containing the information—with social security numbers and dates of birth redacted—and created a search tool for individuals to check if their information was involved. People can enter their name, state, and year of birth , and the search will instantly look for information in the billions of records leaked online in the massive data breach.
What to do if you’re affected by the leak
If your social security number was breached, the best course of action is to freeze your credit files by creating an account with one of the three consumer credit reporting agencies: Equifax, Experian or TransUnion. This step can help prevent identity theft. Credit reporting agencies also provide services for those who set up accounts to check if their social security numbers have been compromised.
Even if your social security number was not leaked, Brumley emphasizes that certain protections should become the norm in this era of data breaches.
He urges people to set up two-factor authentication on as many online accounts as possible, or use an authentication app to secure your online accounts. He also advises setting up account alerts with your bank, including any and all charges outside of your home country and ATM withdrawals.
Brumley’s primary piece of advice is to “be vigilant.”
Vigilance, he says, includes regularly checking your credit score, especially before significant purchases such as car loans and mortgages. It also involves being aware of phishing scams, since Brumley says leaks of this magnitude create opportunities for scammers to pose as banks and those offering assistance.
He also advises people to double-check with their banks, even if they have alert services for large purchases and withdrawals. He explains that even though some banks have regulations requiring extra identification, people can now find ways to circumvent these checks. He emphasizes that it is crucial for individuals to remain vigilant regarding their credit, identity, and bank information.
“There’s not much more you can do when this much data has been compromised,” Brumley adds.