Multiple lawsuits have been filed following a significant data breach that exposed an estimated 2.9 billion Social Security records. Eight class-action lawsuits have been launched against Jerico Pictures, a Florida-based company operating as National Public Data, after a database containing personal details—including Social Security numbers, names, addresses, and contact information—was put up for sale on the dark web in April 2024.
One of the lawsuits, filed on August 1 on behalf of California resident Christopher Hofmann and over 100 others in the U.S. District Court of Southern Florida, alleges that a cybercriminal group known as USDoD stole and posted a database on a dark web forum. The data, claimed to contain personal information from 2.9 billion records, was listed for sale at $3.5 million.
Social Security Breach: Lawsuits Filed Over Massive Data Compromise
According to USA Today, seven additional lawsuits have also been filed in the same court against National Public Data. The company, which provides background check services allowing customers to search billions of records, acknowledged on its website that a “data security incident” had occurred.
The breach reportedly involved a third-party hacker attempting to access data in late December 2023, with potential leaks occurring in April and the summer of 2024.
While the company has been cooperating with law enforcement and conducting its own review, the August 1 lawsuit estimates that 2.9 billion records were compromised.
Hofmann, who was notified of the breach by his identity-theft protection service in July, stated in the lawsuit that he had never provided his details to National Public Data.
The complaint alleges that the exposed data includes Social Security numbers, full names, addresses, and information about relatives, including some deceased for nearly 20 years.
It also claims that the company failed to “properly secure and safeguard the personally identifiable information that it collected and maintained as part of its regular business practices.”
The Social Security Administration (SSA) confirmed to Newsweek that the breaches are “unrelated to the Social Security Administration’s internal systems and data,” neither of which have been compromised.
Conclusion
The massive data breach affecting 2.9 billion Social Security records has led to a wave of legal actions against National Public Data, highlighting the critical importance of data security. As investigations continue, affected individuals are advised to take steps to protect their identities and monitor their financial accounts closely.
Q1. What caused the recent Social Security data breach?
A. The breach involved a cybercriminal group, USDoD, stealing a database containing personal information and putting it up for sale on the dark web.
Q2. Who is being sued over the data breach?
A. Eight class-action lawsuits have been filed against Jerico Pictures, operating as National Public Data, a Florida-based background check company.
Q3. How many records were compromised in the breach?
A. The August 1 lawsuit estimates that 2.9 billion records were compromised in the breach.
Q4. What personal information was exposed in the breach?
A. The exposed data includes Social Security numbers, full names, addresses, and information about relatives, including some deceased individuals.
Q5. What has the Social Security Administration said about the breach?
A. The SSA confirmed that the breaches are unrelated to their internal systems and data, which have not been compromised.