Image 01 Image 03

Social Security Number of Every American May Be Compromised after Massive Data Hack

Social Security Number of Every American May Be Compromised after Massive Data Hack

Almost 3 billion records compromised in hack on US background-checking firm, who appeared to be collecting data without the consent of those whose information was being gathered.

https://www.usa.gov/features/four-reasons-not-to-put-off-signing-up-for-a-my-social-security-account;

It is now being widely reported that a member of a notorious hacking group has released sensitive personal information four months after compromising a major data broker.

The group, USDoD, claimed it stole over 2.9 billion records of personal information from Americans, including their Social Security numbers and physical addresses.

The breach, which includes Social Security numbers and other sensitive data, could power a raft of identity theft, fraud and other crimes, said Teresa Murray, consumer watchdog director for the U.S. Public Information Research Group.

“If this in fact is pretty much the whole dossier on all of us, it certainly is much more concerning” than prior breaches, Murray said in an interview. “And if people weren’t taking precautions in the past, which they should have been doing, this should be a five-alarm wake-up call for them.”

According to a class-action lawsuit filed in U.S. District Court in Fort Lauderdale, Fla., the hacking group USDoD claimed in April to have stolen personal records of 2.9 billion people from National Public Data, which offers personal information to employers, private investigators, staffing agencies and others doing background checks.

The group offered in a forum for hackers to sell the data, which included records from the United States, Canada and the United Kingdom, for $3.5 million, a cybersecurity expert said in a post on X.

It appears the breach occurred sometime this spring.

According to a class action lawsuit, NPD obtained the data without consent, and the breach occurred sometime in April 2024.

The lawsuit alleges that “upon information and belief” USDoD was “able to exfiltrate the unencrypted PII of billions of individuals” and that the personal information was “published, offered for sale and sold on the Dark Web by cybercriminals.”

In terms of the lawsuit, the issue is that the data the firm collected was scraped from other websites and “non-public sources” without the knowledge of the people whose data was being gathered.

The lead plaintiff in the lawsuit, a California man, was only made aware his data had been compromised when he was contacted by his identity-theft protection agency on 24 July, months after the data had been offered for sale on a popular clear web hacking forum.

While the initial post is no longer live – the forum in question had been seized by the FBI in the interim – the details of USDoD’s claims are still recorded by threat-tracking service Falcon Feeds.

“Hello… I’m proud to say that I got access to the biggest database ever,” USDoD said in a 7 April post.

“This is the entire population of the USA.”

The data for sale, according to USDoD, was collected between 2019 and 2024, and while we do now know the full extent of the breach, at the time, the threat actor only said that the data consisted of “300+ million rows”.

“I’m selling the whole database,” USDoD said. “We will use official middleman from forum.”

Security professionals offer suggestions on how Americans can protect themselves from identity theft.

People should monitor their credit reports for possible fraudulent activity on their accounts and notify credit bureaus Experian, Equifax, and TransUnion if something looks suspicious.

Consumers can ask the credit bureaus to place a freeze on their credit accounts by phone or email to prevent anyone from opening a bank account and taking out a loan or obtaining a credit card under your name.

There is also a service that monitors your accounts and the dark web to protect you from identity theft, the Los Angeles Times noted.

It is also good to manage your passwords and to use two-factor authentication for the passwords. You should avoid using the same login information for different services and make sure to routinely change your password on your accounts.

2024 keeps on getting more and more disturbing.

DONATE

Donations tax deductible
to the full extent allowed by law.

Comments

Gee, those shape-shifters have done it again…first, it was the Russians colluding with Trump, then it was Trump colluding with Russia.
Now the Iranians get the blame for hacking and yet another plausible deniability cloak for the CIA.

    JohnSmith100 in reply to scooterjay. | August 15, 2024 at 8:36 pm

    This is not may, it was hacked and contains virtually all of everyone’s information. I think they may have to issue everyone’s SS, they will have to stop using personal question, like birth, all of it will have to be thrown out.

    I have been using 16 digit random passwords for some time in lieu of those things for years. I also assign a unique email address to most orgs, then if I get anything coming in on that account not from the intended contact, I know it is either hacked or the pricks sold it.

nordic prince | August 15, 2024 at 7:09 pm

Time to go live in the woods or on a mountaintop somewhere.

Maybe find one of those islands in the Pacific where a Japanese soldier’s been living for the past 70 years because he hasn’t heard that they surrendered in 1945.

Don’t worry — if you’re under age fifty, there won’t be any money left for you to collect from this generational theft scheme, by the time you reach withdrawal age, anyway.

Save and invest on your own — do not rely on the State to provide for you, in retirement.

    Ironclaw in reply to guyjones. | August 15, 2024 at 7:19 pm

    Don’t remind us, it’s very depressing

    CommoChief in reply to guyjones. | August 15, 2024 at 7:35 pm

    There will be a haircut of about 25% upcoming in about a decade +/- if no changes are made. Frankly I’m over it. I tried to raise awareness and push for reform to Social Security as part of getting to a balanced budget but 95% of the folks ain’t interested or are adamantly opposed. I got called every name in the book for pointing out the looming cuts due to a shortfall caused by underfunding and automatic COLA increases. The would not hear it so they can flipping deal with it when their payment is cut by 25% or more. Sure as heck gen X and the younger generations ain’t gonna cough up more $ in taxes to prop up those who wouldn’t voluntarily help shore up the system by sharing the burden when it would have been
    far, far less painful. Not when we’ve been paying current SSI/Medicare tax rates on wages from our first check.

      guyjones in reply to CommoChief. | August 15, 2024 at 8:14 pm

      Instituting substantive and meaningful reform to SS and Medicare have been made impossible, thanks to the Dhimmi-crats’ longstanding and histrionic demagoguery on the issue, which admittedly has been politically potent and reaped dividends for them, at the ballot box.

        CommoChief in reply to guyjones. | August 15, 2024 at 9:54 pm

        True but lets not forget the very loud and extremely vocal assistance of groups like AARP. shouting about ‘throwing Grandma off a cliff’. There are still people who believe that their own contributions fully pay for their SSI benefits which has never been true. In reality those retiring today get every cent back within 5 years on average. Current SSI/Medicare taxes were set in ’86 and boomers didn’t pay full freight for a substantial portion of their working life. Then there’s the surprisingly large number of pre reform local gov’t jobs whose employer didn’t participate in the SSI system.

        I built my own financial plan to accommodate zero SSI so anything I get from it is gravy. Eff it is basically my position at present. I suspect when we get a little closer to the day of reckoning the boomers gonna squeal to raise SSI taxes or transfer funds from general revenue to keep their checks flowing. Gonna be real interesting for some folks especially those with a public pension from say Illinois or another vastly underfunded pension source. All these trains gonna be colliding very close together and I don’t believe most of those who will be impacted really understand how bad their situation may become. Lead a horse to water but…

          txvet2 in reply to CommoChief. | August 15, 2024 at 10:05 pm

          Doesn’t matter how you built your retirement. SSI makes up a small part of my retirement, too, but when the crap hits the fan, it’s going to take everything else with it, including all of your and my private accounts (although I plan on being safely dead by then).

          healthguyfsu in reply to CommoChief. | August 15, 2024 at 11:44 pm

          The people of and near retirement age at the time of FDR’s sweeping ponzi scheme got the best deal and passed the debt on to everyone else at inception.

          Let’s not forget that part of it, too.

          Also, saying you get back what you put in 5 years in is disingenuous. It completely ignores that dollar for dollar doesn’t work in terms of value over 50 years and it completely ignores investment potential.

          healthguyfsu in reply to CommoChief. | August 15, 2024 at 11:46 pm

          Agree with tx that this could have huge ripple effects the likes of which we haven’t seen since the Great Depression.

          It won’t be quite as big, but it will be significantly greater than a recession. Think about the fact that we are edging closer to an upside down population distribution similar to Japan WITHOUT their physical health profiles.

          CommoChief in reply to CommoChief. | August 16, 2024 at 6:31 am

          Guys,

          SSI shortfall of 25% ain’t gonna blow up the financial/economic system by itself. That’s gonna come from a combo of many other factors. As for SSI payout and returns…sure it doesn’t consider opportunity cost but that’s not the argument I made. Then consider that most average folks ain’t exactly Warren Buffet, the retail investors are referred to as ‘dumb money’ for a reason so I don’t think its fair to assume everyone would have made prudent investments or remained disciplined enough to avoid making emotional decisions out of fear.

          Then consider average life expectancy for men at age 65 is 82, women is 85 so they gonna draw way more than 5 years. It’s 17 years for men and 20 years for women. Then add in the spousal claim options and the absurdly low period of contributions to qualify, ten years. If I had my way SSI would have allowed voluntary redirection of the taxes into individual accounts for the past 3+ decades… but the public listened to the pied piper (AARP) instead.

          Best advice is own your home outright, no debts, have a garden, make friends with neighbors. Get some PM, use an annuity to transfer some risk. Keep multiple accounts to lower the balance in each account to potentially stay under some threshold above which a future gov’t decides is eligible for seizure via a ‘buy in’. For sure don’t sit back and refuse to plan for an extended economic/financial period of crisis/hard times b/c its easier to blame the gov’t.

          gibbie in reply to CommoChief. | August 16, 2024 at 10:53 am

          ComoChief,

          “If I had my way SSI would have allowed voluntary redirection of the taxes into individual accounts for the past 3+ decades… but the public listened to the pied piper (AARP) instead.”

          I agree, but … Given the number of stupid investment decisions I have made, and the fact that about half of the population have two digit IQs, I’m not sure individual accounts would save us. Given that all of our institutions are corrupt (except our elections, of course), how can we trust fund managers?

          It looks like we are headed for some hard times.

          CommoChief in reply to CommoChief. | August 16, 2024 at 12:44 pm

          gibbie,

          Yeah that’s why I made the remark about ‘dumb money’. I had some older relatives flipping out about the stock market in late 07/ early 08. I was home on leave and begged them not to sell their position in high quality dividend paying equities. They couldn’t hold out emotionally due to fear and sold near the bottom in ’08 after a the market lost close to 50% in value. They didn’t need anything but the income from dividends which were.still being paid out but fear drove them to bad decisions.

          End of the day we gotta allow Adults to make their own decisions and let them sink or swim as grown-ups. Unfortunately we, as a.society, have moved to remove individual consequences for bad decisions which also removes individual liberty and squelched individual ability to flourish in favor of a more socialist, collectivist system.

      docduracoat in reply to CommoChief. | August 16, 2024 at 9:54 am

      The plan is to cut benefits by 25%
      There is no need to do anything else.
      Ideally, those under 30 will be removed from paying into social security

        CommoChief in reply to docduracoat. | August 16, 2024 at 12:36 pm

        The path of least resistance at this point politically is to leave it alone, lay back and let it happen. Everyone keeps paying current rates and benefit levels drop to the level of revenue coming in. This is the reason FOR the 25% shortfall; the hole was plugged by redemption of the prior SSA intergovernmental debt and that accumulated debt owed by Treasury to SSA runs dry in ’34 (ish). Without new revenue from younger workers there’s nothing to pay benefits with. Younger workers being relieved of SSI and Medicare taxes is a pipe dream; unless we junk separate taxes roll SSI/Medicare onto regular books and use general revenue from increased taxes on income and who knows what to fund it.

        There’s a lot of intergenerational resentment and anger about SSI/Medicare revenue/benefit problems coming to head real soon. It is possible to kick the can for less than a decade and that’s what’s gonna happen IMO, then things get real.

      SickandTiredinOhio in reply to CommoChief. | August 17, 2024 at 12:32 am

      They started “borrowing” money during LBJ’s reign, writing nice, useless IOUs.

        The funds ‘borrowed’ from SSA by Treasury have been/are being paid back to SSA with interest. Those funds, the accumulated SSA taxes of prior years, were looked as ‘special Treasury bonds’ to the Treasury/Fed Gov’t. The Treasury pays back interest and principle to the SSA. The total has shrunk over the decades as a higher % of the funds are paid out to SSI recipients.

        The problem for SSA is that the existing assets, those ‘special Treasury bonds’ will have all been paid back both principle and interest in 2034. Then the SSA only has current revenue from Social Security taxes to send out to beneficiaries. That’s why there’s a shortfall in projected payments of roughly 25%. The money didn’t ‘disappear’. The Treasury borrowed it to buy the ‘guns and butter’ that Congress and POTUS decided to spend it on. They paid it back, every cent, with normal revenue from taxes on income, estates, capital gains.

        The true problem is that public really likes to get benefits such as SSA…but has less desire to pay for these programs via the much higher taxes that would be required to pay for them with current revenue instead of borrowing money. The beneficiaries have long opposed any cuts or modification so the problem grew. In 2034 every dollar in SSI tax ever collected and borrowed will have been paid back to SSA. Current revenue will be able to fund only 75% of benefits.

        TLDR – those IOUs from Treasury to SSA will/are being paid back, every dime + interest, but they will all be exhausted in ’34 and only annual revenue from SSI tax will be available to pay benefits. So to make up the shortfall SSI taxes must be raised or $ from general tax revenue must be allocated (which means other things won’t be funded or higher income taxes) or we accept the reduction in benefits down to the level that annual SSI tax revenue is able to support.

        I despise the SSA system. It’s a stupid program designed to fail as it is, IMO, damn near a ponzi scheme. However the bulk of the public loves it, refused to make any changes when the changes would have been far less painful and yet doesn’t seem to want to pay for the costs of the program.

After this and countless other hacks, I suspect I’ve been bought and sold a half dozen times or more. I wonder how much I go for?

    txvet2 in reply to Concise. | August 16, 2024 at 1:05 pm

    Probably you’re worth more to companies like Norton that claim to protect you from all of that, for a price.

Just in time to get those ID cards requested and processed for the upcoming election. I wonder what percentage of the voters will find that someone else cast a vote in there name this time.

I just put a freeze on new creditors asking for credit scores from any of the three credit score companies in the US: Experian, Equifax, and TransUnion. Other than that, I tend to think it’s the creditor’s problem. They are far too free with their services.

    I agree, creditors and service providers are far too free with their accounts.

    True story: I got contacted by a collections company because someone in another state had opened an AT&T/U-verse account in my name and then didn’t pay the bill. So I had to file all the paperwork affidavits and police reports and provide utility bills for my actual residence during the time the account was created, to show that it wasn’t me.

    Here’s the kicker, though: I’ve been an AT&T customer for going on 20 years. They have my SSN, they know where I live, they have my phone number (which they provided), and my account requires that I personally approve any new services.

    So when someone went in, in another state, with my name and SSN, and tried to open an account, how the #@$% did it not come up on their screen that I’m an existing customer who needed to be called about this new service?

    But nope. For lack of that phone call, they’re out whatever the misreant “bought”, and I’m out the time, energy, and expense of gathering all the required documentation to sufficiently prove identity theft.

      DaveGinOly in reply to Archer. | August 16, 2024 at 12:42 am

      Funny thing about the SSN. If you’re wrongly declared dead, it’s of no use to prove your identity to demonstrate proof-of-life. But anyone else can steal your SSN and every entity it’s presented to will immediately accept it as proof that the malefactor is who he says he is (you). Why is that?

Every social security number has been compromised from the beginning. The form 1040s used to arrive with the SS number printed on the address label for anybody to see. The SS card had the legend “Not for identification.” It was useless except for filing tax returns.

Anonymous banking changed that – they needed a unique number to file your data under and picked the SS number, and opened the SS number to fraud as a result. There’s been a slight change in that by asking for cell phone number instead now. Any unique number will do.

    henrybowman in reply to rhhardin. | August 16, 2024 at 12:56 am

    When Social Security was first debated [in 1935] in the [Franklin D.] Roosevelt Administration, the president himself assured American citizens that a Social Security number would never be used for identification purposes.
    –VIN SUPRYNOWICZ

    FOR SOCIAL SECURITY PURPOSES ONLY — NOT FOR IDENTIFICATION.
    –THE SOCIAL SECURITY CARD (1936-1972)

    Hereafter any Federal department, establishment, or agency shall, whenever the head thereof finds it advisable to establish a new system of permanent account numbers pertaining to individual persons, utilize exclusively the Social Security Act account numbers…
    –EXECUTIVE ORDER 9397, FRANKLIN D. ROOSEVELT (1943)

    We have to accept that the Social Security number is the de facto national identifier and its use by government agencies at all levels and the private sector is too embedded to change.
    –JAMES G. HUSE JR, INSPECTOR GENERAL, SOCIAL SECURITY ADMINISTRATION (2001)

    (Democrats): If you like your identity, you can keep it. We Promise™!

Everyone should handle their financial affairs under the assumption that all of their ‘NPI’ has been compromised. You can certainly do so without getting ripped off, with a bit of effort and diligence.

Not to worry folks, the company will offer 2 years of free credit bureau checking.
No money or anything like that, just 2 years of free credit bureau.
Just got that notice from my health company, they’re hacked but they’re offering the 2 years AND telling us how to protect our information.
Maybe they should learn how to protect our information instead?

destroycommunism | August 15, 2024 at 11:18 pm

gop allowed the fdr system of equity to flourish

it is wreaking its havoc upon us

JackinSilverSpring | August 15, 2024 at 11:35 pm

Does anyone know how National Public Data was able to gather all that information? I’ve seen two reports on the hacking *one in Breitbart and one here) but neither has provided information on how NPD acquired all that information.

E Howard Hunt | August 16, 2024 at 8:17 am

Remember the social security Lock Box? Turned out it was made by Fisher-Price,

The Gentle Grizzly | August 16, 2024 at 8:19 am

I spent part of yesterday morning changing the passwords for banking, healthcare, and utilities. Where it was allowed, I also changed the log-in name.

Over the decades I have had maybe two false uses of my credit cards and those were swiftly handled by Visa. The only other thing I had was something about a property tax lien and it wasn’t me. I traced it to an improper assumption someone made, and that, too, was resolved with about twenty minutes of phone calls.

I think one of the dumbest uses of the SSN was when the US military used them as your serial number.

    As of 1 July 1969, my Air Force SN was no longer used. The SSAN was used subsequently. PINs I use now are based on that AFSN because nobody should have it. Better, I have used PINs based on the Army SN of a friend who enlisted a year before I went in the USAF. I also have my late father’s Army SN from World War 2, and who’s going to know that one?

    So using the military serial number can be a good thing.
    .

      The Gentle Grizzly in reply to DSHornet. | August 16, 2024 at 9:39 am

      I use PINs based on odd things that cannot be traced including service numbers of relatives, or past house numbers.

      Thank you for saying PINs and not PIN numbers. Personal Indemnification Number Numbers, which we use at Automatic Teller Machine Machines.

SeiteiSouther | August 16, 2024 at 11:15 am

I’ve been popped three times, mainly at the CC level. Of those three times, one was when someone tried to claim unemployment at the state level. Got all of it shut down.

For my credit cards, if they have a e-lock on them, I keep them locked until I need to use them, then I promptly lock them again.

This is just another headache I have to deal with.