According to a lawsuit, allegedly 2.9 billion people may have had their Social Security numbers and other financial data stolen!
A new proposed class action lawsuit claims that approximately 2.9 billion people may have had their personal data hacked. If these reports are accurate, it could mean that almost all Americans have had sensitive information exposed and stolen, including full names, addresses, Social Security numbers, and details about relatives.
The alleged breach happened in April 2024, involving a background check company, that offers instant access to billions of records, operating under the name National Public Data. According to the lawsuit, the company failed to protect the information it had gathered.
“If this turns out to be accurate… then it would just basically mean that everyone’s affected”, said Cliff Steinhauer, director of information security and engagement at The National Cybersecurity Alliance, a nonprofit organization focused on cybersecurity awareness and education.
However, James E. Lee, COO of the Identity Theft Resource Center, suggests that the breach might not be as widespread as the reports claim. He points out that if multiple records per person were exposed, the total number of individuals affected could be lower. Moreover, some of the leaked information could have already been accessible elsewhere.
Data Vulnerability
Experts warn that this latest breach is another reminder for people to stay vigilant, once major data breaches are nothing new. In 2017, the Equifax breach affected about half of the U.S. population, and Yahoo experienced a breach in 2013 that may have exposed the accounts of 3 billion people.
“It’s not a matter of if, it’s a matter of when. I’d be surprised [if] there are many people who haven’t been affected by a data breach like this already, just because of the sheer number of breaches that have happened that contain similar data”, Steinhauer said.
When data is compromised, consumers are typically notified through data breach alerts from affected companies. Although direct links between a breach and identity theft can’t always be proven, Lee warns that once your information is exposed, the risk doesn’t go away.
“We’ve got enough data now to say if you get a data breach notice, there’s a high likelihood that you’re going to suffer an identify crime at some point within 12 months”, Lee noted.
How To Protect Yourself
According to experts, the most effective way to protect your personal information is by placing a freeze on your credit reports. This limits access to your credit files and is especially important if you believe your data has been compromised.
Freezing your credit is free and can be done quickly by contacting the three major credit bureaus – Equifax, Experian, and TransUnion – individually. While a freeze will restrict access to your credit reports, certain entities may still be able to view them. However, the freeze doesn’t just stop malicious activity. If you plan to apply for new credit, like a credit card or loan, you’ll need to temporarily unfreeze your credit first to avoid being denied.
When freezing your credit, make sure you are using the correct websites for the credit bureaus and avoid using public Wi-Fi, as hackers could exploit these vulnerabilities, Steinhauer advised. He also suggested that people secure their accounts with strong, unique passwords and enable multifactor authentication (MFA), which adds an extra layer of security.
Additionally, some consumers may opt for dark web monitoring services to alert them when their information is exposed. While this can provide some reassurance, Lee noted that it won’t prevent identity theft.