In September 2024, millions of personal records were compromised in a massive breach at National Public Data. The exposed information includes names, email addresses, mailing addresses, phone numbers, and even personal identification numbers for up to 2.9 billion individuals. With this data in the wrong hands, both individuals and businesses face serious risks of identity theft and fraud. In this article, we’ll explain what happened, why it’s dangerous, and steps you can take to protect yourself.

The National Public Data Breach – What You Need to Know

What Happened?

National Public Data, a broker that provides criminal records, background checks, and public data to various organizations, was breached in December 2023. A third-party hacker gained access to its system, and by April 2024, the stolen data was posted online. In August, this data became freely available on various breach forums.

The compromised data includes names, phone numbers, addresses, email addresses, and SINs of millions of people, including deceased individuals. In some cases, previous addresses and alternate names were also included. While some of this information is publicly available, having it all in one place significantly increases the risk of fraud.

Why Is This Data Breach a Big Deal?

Even though much of the data can be found through public sources, having this information compiled in one place makes it easier for cybercriminals to commit fraud. Here are some risks to consider:

  • Identity Theft: Criminals can use your personal details to apply for loans, credit cards, or open new bank accounts.
  • Security Questions: Information like your childhood street name or the last four digits of your SIN can be used to bypass security questions and gain access to your accounts.
  • Increased Scams: Cybersecurity experts predict a rise in phishing and smishing (phishing via SMS) attacks as a result of this breach.

To protect yourself online, you can check our guide about 5 simple ways to protect your privacy online.

Can You Be Affected Even If You Haven’t Heard of National Public Data?

Yes. Even if you haven’t directly interacted with National Public Data, other businesses, landlords, or organizations may have used their services to gather information about you. This means your personal data could still be part of the compromised records.

3 Steps to Protect Yourself After National Public Data Breach

Here are key steps you can take to protect yourself if your data has been compromised in a public breach:

1. Check If Your Information Was Leaked

You can check if your data has been exposed using online tools designed for data breach alerts. If your information is found, take immediate steps to protect yourself.

2. Freeze Your Credit and Review Your Reports

One of the best ways to safeguard your identity after a breach is to freeze your credit. A credit freeze makes it much harder for criminals to open new lines of credit in your name. Here’s how to do it:

  • Contact the major credit bureaus: Equifax, TransUnion, and Experian.
  • Request a credit freeze and get a copy of your credit report.
  • Review your report for any unauthorized activity and set up alerts for ongoing monitoring.

The process is free and takes less than 10 minutes per bureau. Consider freezing credit for anyone in your household who is over the age of 18, as they are also vulnerable following a breach of this scale.

3. Be Cautious of Phishing Scams

Following a breach, cybercriminals may attempt to scam you via phone calls, text messages, or emails. Be cautious about unexpected communications asking for personal information which is also known as phishing. Always verify the legitimacy of the sender before responding or clicking on any links.

How Businesses Can Protect Themselves After a Data Breach

For business owners, data breaches can have lasting consequences. Whether your customers' or employees' data has been compromised, it’s critical to take immediate action to safeguard your systems. At MYDWARE IT Solutions, we offer a FREE Cybersecurity Risk Assessment to identify potential vulnerabilities in your network. This assessment will provide you with a detailed action plan to enhance your business’s cybersecurity.