NPD breach: Locking down member safety

Massive data breach hits NPD

In August 2024, the hacker known as “USDoD” (previously known as NetSec) claimed responsibility for one of the largest data breaches in history, affecting nearly 2.9 billion individuals. The breach targeted National Public Data (NPD), a company that specializes in background checks and exposed highly sensitive personal information, including Social Security numbers, full names, addresses, dates of birth, and phone numbers. The stolen data was subsequently posted on a dark web bulletin board, which was made available for download to anyone with access to it.

Who is USDoD?

“USDoD” is believed to be an individual hacker operating from a country that does not prosecute cybercrimes against certain nations. Despite their provocative name, likely alluding to the U.S. Department of Defense, little is known about their actual location or identity. Their recent exploits have garnered significant attention due to the scale of the data they have compromised.

What happens to the stolen data?

Once in possession of stolen data, groups and individuals like “USDoD” typically engage in a variety of activities to monetize the information. These activities include selling data on the dark web, committing identity theft, launching phishing attacks, and even engaging in extortion.

Steps members can take to protect their identity

Given the scale and severity of the NPD data breach, it is crucial to act swiftly to communicate and protect your members’ identity. Don’t forget young children and elderly family members could be exploited if their data was included in the data breach.

Members, here’s what you can do:

1. Freeze credit: Place a credit freeze with the three major credit bureaus—Equifax, Experian, and TransUnion. This will prevent identity thieves from opening new accounts in your name. Consider setting up online accounts with each bureau to prevent unauthorized access using your stolen data. If you need assistance, contact the bureaus using the numbers provided:
   • TransUnion: 800-916-8800 (https://www.transunion.com/credit-freeze)
   • Equifax: (888) 298-0045 (https://www.equifax.com/personal/credit-report-services/credit-freeze/)
   • Experian: 888-397-3742 (https://www.experian.com/freeze/center.html)
2. Enable fraud alert: If you used the pentester.com search and it reported that your information may have been included in the breach, it may also be a good idea to place a fraud alert on your credit file. You can use the same numbers above or go to each website for TransUnion, Equifax, and Experian to follow instructions for placing a fraud alert on your credit file.
3. Review credit reports: Obtain free copies of your credit reports from Equifax, Experian, and TransUnion via AnnualCreditReport.com. Review the reports for any inaccuracies or unfamiliar accounts and dispute any errors with the credit bureaus.
4. Be vigilant against phishing: Be cautious when receiving unsolicited emails, texts, or phone calls asking for personal information. Cybercriminals often use phishing tactics to trick you into revealing sensitive details. Remember, phone numbers were included in this breach.
5. Monitor financial accounts: Regularly review your bank statements, credit card accounts, and other financial transactions for any unauthorized activity. Set up alerts with your bank and credit card companies to receive notifications of unusual charges.
6. Activate two-factor authentication: Enable two-factor authentication (2FA) on your financial accounts and other sensitive online services. This adds an extra layer of security by requiring a second form of verification, such as a code sent to your phone, in addition to your password.
7. Set up online accounts: Secure and monitor your government-related online accounts by setting up accounts on gov, id.me, irs.gov, and ssa.gov. These accounts provide secure access to important government services and help protect your personal information from unauthorized use.
8. Consider identity theft protection services: Identity theft protection services offer comprehensive monitoring and alerts for suspicious activity, as well as assistance in restoring your identity if it is compromised.

By taking these proactive measures, credit union members can significantly reduce the risk of identity theft in the aftermath of the NPD data breach. While no action can completely eliminate the risk, these steps can provide a strong defense against the misuse of members’ personal information.

Note: If your members suspect their data may have been compromised, the researchers at Pentester.com have created a tool to help them check if their personal information was part of the NPD breach. While it’s not guaranteed, this resource can guide members in determining whether further action is needed. Members can visit https://npd.pentester.com/search to see if their data was affected.

Be on the lookout for the remaining installments in this Behind the digital curtain series: Exploring modern cyber threats:

• Generative AI: Innovation’s Double-Edged Sword
• Inside Phishing Kits: How Cyber Criminals Lure Victims