National Public Data Breach: How 2.9 Billion Personal Records Were Compromised and What It Means for Your Business

Recently, the security world was set on edge with news of the largest data breach in history. Multiple news outlets reported that the personal data of almost 3 billion people had been compromised. Not only was it personal data, it was highly sensitive data, such as Social Security Numbers (SSNs), addresses, and even information about relatives. Let’s learn more about this extremely concerning data breach and how it happened.

What happened?

The recent “largest ever” data breach was carried out on a company called Jerico Pictures Inc., which is doing business as National Public Data. The amount of data and individuals affected is so vast that it even rivals the now famous Yahoo! Data breach that happened in 2013.

The breach is reported to have happened on April 8, 2024. A hacker group known as USDoD posted a breached database on the dark web which they called “National Public Data”. The group claimed they had data containing the information of 2.9 billion people in the leaked DB.

The hackers then posted the price of the database at $3.5 million. As it turns out, a California resident, named Christopher Hofmann, received notification from an identity monitoring service on July 24, that his data had been exposed on the dark web.

What was also alarming about the data breach is that the overwhelming majority of compromised users didn’t know their data was being harvested and held in their database.

Lawsuit filed

Mr. Hofmann filed a complaint with the US District for the Southern District of Florida. In the complaint it alleges the breach was a direct result of the National Public Data’s lack of securing the sensitive data was secured properly. The lawsuit seeks monetary damages and demands that National Public Data take several corrective steps to make sure this type of data breach doesn’t happen again in the future. 

Also, National Public Data is coming under fire for failing to immediately notify individuals who had their information stolen, which shows they were not prepared to deal with a cybersecurity incident.

How Did It Happen?

Now to the million-dollar question: how did this happen? Not a lot is known about the exact details of how the hackers were able to exfiltrate the database from National Public Data. However, it definitely shows there was a critical breakdown in cybersecurity practices and protective layers.

In the lawsuit, outright negligence is alleged, allowing the cyberattack to take place. We can only speculate that attackers could have exploited known vulnerabilities or used something like phishing attacks to gain access to high-level credentials. Their web applications may not have been secured properly, or they may have had very weak internal security practices.

The fact of the matter is that it highlights an extremely important challenge and requirement that companies that are handling personal data do so in a way that is responsible and includes proper cybersecurity layers to prevent sensitive data from falling into the wrong hands.

What this means for organizations

This now largest-ever data breach should serve as a wake-up call for any organization that handles personal data or any other sensitive information. Sensitive data must have stringent security protocols and the right security solutions protecting it to make sure the data doesn’t fall into the wrong hands. It also highlights the severe consequences of mishandling sensitive data and allowing it to be compromised.

Here are other takeaways for organizations to learn from the recent breach:

1. Data collection: Businesses must acknowledge the data they collect and this is especially the case when the data is sensitive in nature. When non-public sources are used as the source of scraped data, as in the case of National Public Data, this should be done with transparency and caution and should always be in compliance with data protection regulations.
2. Data encryption: Encrypting data both at rest and in transit is a basic security practice that can help to prevent attackers from ever getting their hands on the contents of the data, even if it is stolen. 
3. Proactive risk assessments: Organizations today must perform proactive risk assessments of all systems to find holes and vulnerabilities before hackers do. Also, this includes cloud SaaS environments and third-party apps that are used by organizations leveraging cloud SaaS environments.
4. Ransomware protection: Ransomware is a huge threat these days and can hold victim data hostage and exfiltrate data to be leaked to the dark web for double extortion tactics.
5. Automated incident response: Incident response can no longer rely on manual processes and procedures. Cyber Attackers are using automation and AI-driven attack tools. So, organizations today must use cutting-edge tools and cybersecurity solutions that use automated incident response to level the playing field. 

SpinOne provides AI-driven automated SaaS Security

With this latest breach that has exposed the personal data and information of nearly 3 billion people, businesses today storing critical and sensitive data need to have the right tools to protect that data. SpinOne is a market leader SaaS security platform that helps businesses protect their critical cloud SaaS environments from many different threats and protect data from data leaks, ransomware, and exfiltration.

It focuses on automated risk assessments and cybersecurity policies, and it helps provide proactive threat detection. Take a look at the following capabilities of SpinOne that align with the needs highlighted by the recent breach of National Public Data:

• Automated Risk Assessments: Let’s face it, risk assessments are hard and challenging using manual efforts. However, SpinOne provides automated risk assessments using artificial intelligence and machine learning to continuously evaluate risks of cloud SaaS apps. You can use the risk score provided to drive policies applied to the organization and automatically prevent certain apps from being used or vulnerabilities from being exploited as may have been the case with National Public Data.
• Automated incident response: SpinOne uses advanced machine learning to monitor for activities that are out of the ordinary, such as unusual data downloads or unauthorized access attempts. It helps admins and SecOps to rapidly identify suspicious or malicious behavior. This can also trigger automated responses to contain potential threats.
• Data sharing visibility: SpinOne provides full visibility of who is accessing data across the organization, including those with whom data has been shared. It provides real-time visibility and helps detect and respond to potential data leaks.
• Policy-driven enforcement: SpinOne gives businesses the tools to have policy-driven enforcement. This allows admins to enforce data handling governance and compliance regulations best practices with automated controls. This helps to reduce risks to sensitive data.
• Ransomware Protection: Ransomware attacks are rampant, with a recent attack that made history as the highest ransom ever paid by a victim. SpinOne provides protection against and blocks ransomware attacks using automated processes. It also uses automatic backup and recovery of encrypted files so that data can be recovered quickly. It has an industry-leading two-hour SLA for recovering from a ransomware attack.
• Security auditing and reporting: SpinOne provides automated security audits and detailed reporting that you can access to monitor security posture and make sure of compliance regulations. These tools help with transparency and accountability.

Wrapping up

This latest record-setting breach of National Public Data is a reminder to organizations worldwide that data, especially sensitive data, is always a target. Attackers go after data containing private information of individuals, like names, addresses, social security numbers, credit card numbers, and other private information. Proper security is no longer an afterthought. It is at the top of the list for companies that want to be successful in this modern age.

SpinOne is a modern, state-of-the-art cybersecurity solution that provides automated risk assessments, proactive threat detection, and policy enforcement to help businesses protect their data and make sure of compliance. 

If you are interested in seeing how SpinOne can help prevent data leaks and breaches in your organization, sign up for a free demo here: https://spin.ai/demo.