Take Steps to Protect Yourself From the National Database Hack | Information Technology | University of Pittsburgh
!

You are here

Take Steps to Protect Yourself From the National Database Hack

It was recently revealed that a background check company has been hacked, and the information of almost 3 billion people is now available on the dark web for the right price. National Public Database (NPD), a Florida-based company, was hacked in April according to Schubert Jonckheer & Kolbe LLP, the company investigating the breach.

USDoD, a cybercriminal group unrelated to the Department of Defense, stole the information, including names, address histories, relatives, and Social Security numbers going back nearly 30 years. That information was then put up for sale for $3.5 million.

Although individuals don’t actively provide NPD with their personal information, the company aggregates data from public record databases, national and state databases, and court records, including nonpublic sources. This data is then used by a range of organizations, including background check websites, investigators, app developers, and data resellers.

Assume That Your Data Has Been Compromised

This breach is thought to have compromised the information of most people in the U.S., so you should assume that some of your data is included, even though you have never reached out to NPD and given them permission to access or distribute your data.

Cybersecurity firm Pentester has gotten the data and created a tool you can use to see if your information is in the breach – it shows names, addresses, address histories, and social security numbers. You will find it at npd.pentester.com.

This doesn’t mean that any of your data has actually been used to perpetrate identity theft, commit financial fraud, or gain access to any of your accounts. But it’s best to play it safe and assume that you are now at greater risk of becoming a victim of these crimes and other violations of your privacy.

Freeze Your Credit and Remain Vigilant

The recommended steps for personal cybersecurity that we encourage all the time are still some of the strongest defenses against identity theft and financial fraud in the face of this breach. Placing a security freeze on your credit report is particularly effective.

When you freeze your credit, the big three credit bureaus (Equifax, Experian and TransUnion) won't release your report to potential creditors during an application review, which usually results in a denial for new credit accounts. This can help prevent someone from opening a new credit card or loan in your name. It is free and can easily be done online. Just remember that you’ll need to temporarily unfreeze your reports before applying for a loan, financing plan, or new credit card, or you’ll be denied too! Other precautions include:

  • Monitor your financial, credit, and retail accounts to identify odd activity.
  • Watch for phishing (by email) and smishing (by text) scams.
  • Change your password for any account that has been breached.
  • Set up two-factor authentication for every account/service that allows it.
  • Sign up to get free online credit reports from the credit reporting companies
  • Consider subscribing to an identity theft protection service.

You Are the Best Line of Defense

Advances in technology have made life much easier and more convenient, keeping us connected at a global level. But it also presents its own risks, as this data security incident demonstrates. Although we needn’t live in a state of constant fear, remaining alert and aware can help you to protect yourself and your data, finances, and accounts.

Pitt IT takes many steps to ensure that access to your University accounts are verified. But you are the best line of defense. Keep an eye on your accounts, maintain good password habits, and learn to recognize a scam when one crosses your desk. Check out the Pitt IT Security Hub to learn more about keeping yourself safe from bad actors.

-- By Karen Beaudway, Pitt IT Blogger