Massive Cybersecurity Breach in September 2024 Exposes Billions: What You Need to Know and How to Protect Yourself

Massive Cybersecurity Breach in September 2024 Exposes Billions: What You Need to Know and How to Protect Yourself


In September 2024, National Public Data confirmed that a hacker had compromised the personal records of millions of individuals. This was one of the most significant cybersecurity breach in recent history. The compromised information includes names, email addresses, mailing addresses, phone numbers, and even Social Security numbers for up to 2.9 billion people. Here's what you need to know to protect yourself and how cybersecurity can play a crucial role in safeguarding personal data.

Overview of the Breach

National Public Data, a major consumer data broker that specializes in providing criminal records, background checks, and other data services to private investigators, consumer public record sites, HR departments, Managed IT Services, and government agencies, suffered a cybersecurity breach. The incident is believed to have started in December 2023 when a third-party hacker attempted to access the company’s systems.

In April, a cybercriminal named "USDoD" uploaded the stolen data to a popular criminal forum. On August 6, the same dataset was posted for free across several breach forums, allowing anyone to download it.

The data leak involved sensitive, personally identifiable information, including names, addresses, phone numbers, email addresses, and Social Security numbers. Some of the records even contained old addresses and alternate names, and some impacted individuals were already deceased.

Although an official breach notice filed in Maine reported 1.3 million compromised records, ongoing lawsuits suggest the real number could be as high as 2.9 billion.

During the investigation, experts found that much of the data—except for the Social Security numbers—was either publicly available or inaccurate. Still, the consequences of having all this information in one place pose serious risks.

Why is this cybersecurity breach dangerous if some information is already public?

Even though much of the data might be publicly available, the cybersecurity risk comes from how accessible it is in a single dataset. Criminals can use this consolidated information to easily apply for credit cards, loans, or open bank accounts in victims' names. Additionally, the exposed data may include answers to security questions—such as childhood street names or partial Social Security numbers—which hackers can exploit to bypass account security measures.

As a result, experts are predicting a surge in phishing and smishing (phishing via SMS) attacks using this stolen data.

Could you be affected even if you’ve never heard of National Public Data?

Yes. Even if you haven’t interacted with National Public Data directly, your personal information could still have been collected by other organizations that use their services. Many companies rely on Managed IT Services or data brokers to gather information, making it likely your data could be involved.

What should you do to protect yourself?

Step 1:

Check if your data has been exposed. Use tools like https://npd.pentester.com/ to determine if your information was compromised. If so, it’s crucial to take immediate steps to safeguard your identity.

Step 2:

Request a copy of your credit report and freeze your credit. Freezing your credit and setting up alerts is one of the best ways to protect yourself from identity theft. This ensures that criminals can’t open new credit accounts in your name. To do this, contact all three major credit bureaus—Equifax, TransUnion, and Experian—and request a credit freeze.

The process is quick, free, and shouldn't take long. Additionally, consider freezing the credit of anyone in your household who is over 18, as anyone with a Social Security number could be at risk with this cybersecurity breach or breaches moving forward.

Once you’ve obtained your credit report, review it carefully for any unauthorized activity. Set up credit monitoring alerts and check your credit regularly to stay ahead of any suspicious activity.

Step 3:

Be vigilant for phishing scams. With so much personal data exposed, cybercriminals are likely to attempt phishing attacks through all media outlets. Always be cautious and think twice before clicking on suspicious links or providing personal information.

Protecting your business

A cybersecurity breach can be devastating for both businesses and individuals. As a business owner, it’s your responsibility to take every precaution to protect your company’s data. Managed IT Services and IT Support teams can help you strengthen your cybersecurity measures and prevent breaches like this from occurring.

If you want to ensure your business is secure, we offer a FREE Security Risk Assessment to identify vulnerabilities in your network. This in-depth analysis will give you a comprehensive roadmap for improving your cybersecurity. To book your FREE assessment, call us at (713) 277-7799 or click here, Cybersecurity Consultation. By staying proactive, you can protect both your personal information and your business from falling victim to cybersecurity breaches and cyberattacks.



Servicing All of Houston: The Woodlands, Conroe, Bellaire, Katy, River Oaks, The Heights, Rice Village, Midtown, Medical Center, Kingwood, Clear Lake City, Webster, League City, Pearland, Tomball, Galveston

Servicing All of Dallas-Fort Worth: Prosper, Southlake, Grapevine, Keller, Carrollton, Plano, Garland, Coppell, Irving, Mesquite, Denton, Frisco, Cedar Hill, Flower Mound, Hutchins, McKinney

Managed IT Services for all of Texas.