Social Security data-holding company resumes operations, retaining user information following a major breach.
National Public Data Resumes Operations, Stirring Privacy and Security Concerns
National Public Data, an online background check and fraud prevention service, has made a controversial return after a significant data breach in late 2023. The breach exposed nearly three decades of Social Security records, potentially affecting hundreds of millions of records, including highly sensitive personal identifiers such as names, addresses, dates of birth, and Social Security numbers [1][3].
The service, now under new ownership, operates as a free people search engine, making extensive personal information available, such as addresses, phone numbers, birthdates, relatives, workplaces, and criminal records [3]. However, there is no information provided on how to opt out of National Public Data's search, raising concerns about individual privacy and data control.
The new owners, registered to a Florida-based VPN service, claim to prioritize user data security by implementing robust encryption protocols, regularly updating security systems, and complying with data protection regulations [3]. Yet, the lack of transparency about their data acquisition methods and the history of the past breach casts a shadow of doubt over these claims.
The breach led to numerous lawsuits and caused the former owners to file for bankruptcy [1]. Given the scale and sensitivity of the past breach—one of the largest U.S. data exposures—and the lack of clarity about the new owners and data handling practices, National Public Data’s return raises considerable privacy and security risks. This history and context justify viewing the site's comeback with caution from a security standpoint.
It is crucial for individuals to be aware of the potential risks associated with National Public Data's operations and take steps to protect themselves against identity theft. One such measure is freezing credit to prevent unauthorised access [2]. As more information about National Public Data's new ownership and data handling practices becomes available, it is essential to stay informed and vigilant to protect personal data.
[1] BBC News
[2] Federal Trade Commission
[3] Krebs on Security
- Ai-powered search engines like Google could potentially index personal information from National Public Data, increasing the risk of broad data exposure and the possibility of cybersecurity threats.
- In the context of National Public Data's questionable history and the sensitive nature of the information they handle, it is imperative that internet users maintain strong cybersecurity practices, such as regularly updating software, enabling multi-factor authentication, and staying informed about data protection regulations.
