The National Public Data (NPD) recently confirmed a severe security breach that dates back to December of the previous year. This breach exposed a vast amount of sensitive data, including Social Security numbers, to potential cybercriminals. The breach was uncovered when a hacker group known as USDoD advertised a stolen NPD database containing a staggering 2.9 billion lines of data on the dark web for a price of $3.5 million.
In a recent report by Krebs On Security, it was revealed that another website, recordscheck.net, which closely resembled NPD, was hosting an archive with site logins and plaintext source code for several tools used on the site. This additional vulnerability posed a significant risk as it provided easy access to the consumer records stored on NPD.
The situation took a bizarre turn when it was discovered that the leaked data included email correspondence belonging to NPD founder Salvatore Verini. Verini, a former actor and sheriff’s deputy, downplayed the severity of the breach by claiming that the leaked file contained outdated website code. However, further investigation revealed that Verini had written a positive testimonial for a web developer company mentioned in the leaked source code, raising suspicions about his potential involvement in the breach.
Following the alarming revelations of the security breach, several websites claiming to offer services to check if individuals’ information was compromised in the leak emerged. Websites like npdbreach.com and npd.pentester.com promised to provide users with answers by inputting their personal information into online forms. However, this raises concerns about the security and legitimacy of these websites, as users are required to disclose sensitive information such as their Social Security number.
The NPD security breach highlights the ongoing threat posed by cybercriminals and the importance of robust security measures to safeguard sensitive data. The questionable actions of NPD founder Salvatore Verini further underline the need for transparency and accountability in handling such breaches. As individuals navigate the aftermath of this breach, it is crucial to exercise caution when interacting with websites offering to check for compromised information, as they may pose additional risks to users’ privacy and security.
Leave a Reply