You’ve probably heard about the massive data breach in which the Social Security numbers and other data of millions of Americans were exposed and potentially fell into the hands of hackers.
The data cache consists of 2.9 billion records, including names, addresses, Social Security numbers and relatives, going back at least 30 years, according to the law firm Schubert, Jonckheer & Kolbe.
The San Francisco company filed a class action lawsuit against National Public Data, a company that aggregates data to provide background checks, alleging that the company failed to properly protect the information, allowing it to be stolen and sold on the dark web.
The complaint, filed in U.S. District Court in Fort Lauderdale, Florida, and first reported by Bloomberg Law, says the breach means people “will face ongoing monitoring, surveillance and loss of rights to their financial and personal records for years to come.”
Most data breached years:Cybersecurity experts show how to protect your privacy
How did this massive data breach happen?
According to the indictment, the cybercrime group USDoD accessed the network of National Public Data (also known as Jericho Pictures, Inc., of Coral Springs, Florida) and stole unencrypted personal information. On or around April 8, 2024, the group posted the database on the dark web, claiming it contained information on approximately 2.9 billion people, for sale for $3.5 million.
The plaintiff in the case, Christopher Hoffman of Fremont, California, was notified by an identity theft protection service that his data had been compromised as a result of a data breach and had been found on the dark web.
Should I freeze my credit?
If you are concerned about the integrity of your credit because your identity may have been stolen, you can freeze your credit report to prevent fraudulent borrowing.
This credit freeze, also known as a security freeze, prevents creditors from accessing your credit report, according to the U.S. General Services Administration.
“Everyone should consider freezing their credit report with each of the major credit bureaus because it’s free and it prevents unauthorized individuals from opening credit cards or taking out loans in your name,” Odysseas Papadimitriou, CEO of personal finance site WalletHub, told USA Today.
Is that a good enough reason to freeze your credit? Even if your Social Security number wasn’t included in a national public data breach, “it has been in a previous breach or will be in the near future,” Papadimitriou said. “The sad reality is that our personal information is out there, and smart consumers just need to make sure they don’t become a tough target for scammers looking to exploit stolen personal information.”
A credit freeze is a good start, he says. Once it’s in place, you’ll need to lift it if you want to open new accounts on your own, like buying a home or a car or getting a new credit card.
“It’s easy to lift the freeze when you actually want to apply for a financial product yourself,” Papadimitriou said.
How to freeze your credit
It’s free to freeze your credit report, but you’ll need to contact all three major credit reporting agencies.
You can submit your request online, by phone, or by mail. According to the General Services Administration, the agency must freeze your credit report within one day if you submit online or by phone. Freeze requests made by mail must be fulfilled within three business days. The agency must lift the freeze within one hour if you request to unfreeze online or by phone, and within three business days if you mail it.
Privacy Policy:How and why to freeze your credit
Other steps to protect personal information after a breach
- Stronger passwords: Strengthen your passwords “by using a unique and complex combination of letters, numbers and symbols,” NordVPN cybersecurity expert Adrianus Warmenhoven said in a breach advisory sent to USA TODAY. “Never use the same password for multiple accounts,” he said. He also recommended using a trusted password manager to securely store these strong passwords.
- Two-factor authentication: Always make sure to use two-factor authentication and answer texts, emails, or push notifications to log into your account, which “gives your account an extra layer of security,” Warmenhoven says.
- Check your statements and credit reports: “In the wake of this data breach, it is important that people regularly monitor their credit reports, bank statements and online accounts and remain vigilant for suspicious activity,” he said.
- Beware of scams. You may see an increase in fake solicitations via email, phone calls, and text messages — “phishing” attempts to get your information. “If you notice an increase in unsolicited calls or emails asking for personal information, remember to only respond if they explicitly request to be contacted,” says Papadimitriou.
- Please consider the following points regarding the protection of personal information: With security breaches becoming more commonplace, Papadimitriou says you might want to consider premium identity protection features. WalletHub Premium offers identity protection and monitoring starting at $6.49 per month, while the Premium+ plan ($11.99 per month) also offers bank account monitoring.
Papadimitriou said free identity protection solutions offer only limited security. “Measures such as freezing your credit files, changing your passwords regularly and signing up for bank account and credit monitoring services can make it harder for criminals to use the information they steal,” he said.
“Just as we all accept that our personal information is out there, we also need to accept that at some point we will be a victim of identity theft,” he said. “That’s why having identity theft insurance and recovery services is as important today as having car insurance.”
Follow Mike Snider on X and Threads: Mike Snyder & Mike Snyder.
What is everyone talking about? To receive the latest news, sign up for our Trends Newsletter
