A significant data breach impacting billions of personal records has come to light, raising concerns about one of the most substantial security lapses in internet history. A user known as “Fenice” allegedly released a comprehensive version of stolen data from background check company National Public Data on a prominent hacking forum, surpassing previously leaked portions in completeness.
This latest leak, publicized on August 6th, reportedly comprises 2.9 billion individual records. Fenice attributes the breach to a hacker identified as “SXUL,” contradicting earlier claims implicating “USDoD.” While prior data dumps existed, Fenice’s release is believed to be the most extensive. However, discrepancies exist within the dataset, including inaccurate Social Security numbers.
Although official confirmation regarding affected individuals is pending, numerous individuals corroborated with BleepingComputer that the breach compromised their personal and familial data. The inclusion of previous addresses within the leaked data suggests the source may be an outdated backup.
Initial reports of this breach emerged through a class-action lawsuit covered by Bloomberg Law. The suit alleges that National Public Data (NPD), also known as Jerico Pictures, harvested data from non-public sources for personal background checks. Despite the legal action and growing evidence, NPD has yet to acknowledge the breach or explain its circumstances. Consequently, any new information should be treated cautiously. Many individuals were unaware NPD possessed such extensive personal data.
The lawsuit further accuses NPD of various offenses, including breaches of fiduciary duty and unjust enrichment.
