PeopleConnect confirms data breach affecting 20M users of TruthFinder, Instant Checkmate

PeopleConnect, the parent company of popular subscription-based background check and verification services Instant Checkmate and TruthFinder, has confirmed that unidentified hackers leaked a 2019 backup database containing the info of 20 million users.

 

Sources claim that on January 21, a member of the Breached hacking and data breach forum leaked information about 20.22 million TruthFinder and Instant Checkmate users who had used the services up until April 16, 2019. The data was shared in two 2.9 GB CSV files containing customer information before the backup was created on April 16, 2019.

 

The exposed customer information includes email addresses, first and last names, hashed passwords, and phone numbers. The company launched an investigation and published notices on Instant Checkmate and TruthFinder, confirming that both services suffered a data breach.

 

The company claimed that it appeared to be an accidental leak or theft of a particular list. It hired a third-party cybersecurity company to investigate the incident, but the investigation showed no proof that its network had been compromised. PeopleConnect also cautioned customers to watch out for targeted phishing attacks.

 

TruthFinder is an online service used for various purposes, including background checks, address searches, reverse phone number lookups, and court records search by providing access to public records and other data sources. Instant Checkmate collects detailed information from many sources, such as criminal records, address histories, marriage and divorces, and bankruptcies. When conducting background checks, the sites use publicly scraped data, federal, state, and court records, criminal records, social media, and other sources.