Hacker dumps 3 billion personal records stolen from the National Public Data

A threat actor has reportedly dumped close to 3 billion sensitive personal data records belonging to the National Public Data, a service provided by Jerico Pictures Inc.

Recently, a threat actor, going by the name “Fenice” leaked 2.9 billion records containing sensitive personal data belonging to the National Public Data (NPD). Jerico Pictures, the company in charge of NPD, is a background-checking service provider which collects personal data of individuals from non-public sources.

According to Hackread.com, the huge trove of data is divided in two links, totaling to a whopping 277 GB worth of information. The leaked database contains names, addresses, cities, counties, states, ZIP codes and Social Security Numbers in plain text which poses significant threat to affected individuals.

In April, another threat actor going by the name “sxul” claimed that they infiltrated the internal network of NPD and stole a personal information database which they offered to sell for $2 million on the dark web.

NPD is currently facing multiple lawsuits for failing to protect the personal data of millions of individuals. One of the plaintiffs, Christopher Hofmann, said that he never directly shared his personal data with NPD. In fact, he added, that without the assurance that the data would be secure with proper protective measures in place, he would not share any of his personal data.

In his lawsuit, Hofmann alleged that Jerico Pictures has a responsibility to protect his personal data from being made public as the company derived benefit from acquiring, storing and using his data. 

The lawsuit seeks monetary damages from Jerico Pictures over invasion of privacy, the breach of personally identifiable information, and lost opportunity costs associated with attempting to mitigate the consequences of the breach.