Have you been exposed to a violation of NPD principles?
3 mins read

Have you been exposed to a violation of NPD principles?

The national public data breach is a chilling reminder that our personal information — from usernames and passwords to birth dates and Social Security numbers — can fall into the hands of criminals with just a few keystrokes.

National Public Data is a private company based in Florida that collects information for background checks. Its databases included 2.7 billion people’s full names, addresses, dates of birth, Social Security numbers and phone numbers, alternate names and dates of birth, and email addresses.

NPD was hacked in April, and likely again this summer. All of that information became available for sale on the dark web—a seedy part of the internet where criminal activity thrives.

There are a few ways to check if your information was part of the leak. You can use https://npd.pentester.com/ or https://npdbreach.com/ to check if you were part of this particular leak and what parts of your personal information may have been compromised.

Even if you have no reason to believe NPD has your information, it’s still important to double-check it. Criminals can do a lot of damage to your credit, finances — even your reputation — with just your full name, date of birth, and address, not to mention your Social Security number.

If your information has been leaked, you can protect your credit by freezing it with the three major credit bureaus: Experian, Equifax, and TransUnion. Unfortunately, you have to contact each one separately, and if you plan to make major purchases (like a car or a house) or open new accounts (like a credit card or a new bank) that require a credit check, you have to contact each agency to temporarily lift the freeze. Call it a “thaw,” if you will.

One thing that worries experts about the NPD hack is that not only was personal information compromised, but so were people’s email addresses. These things, when combined, make it easier for scammers to impersonate someone (by spoofing their email address) or create sophisticated phishing emails that target specific users. Phishing scams aim to trick people into voluntarily providing personal information—usually a Social Security or credit card number—or clicking on malicious links, often by impersonating legitimate businesses or scaring people into clicking on links to avoid supposed late fees or other strange charges on their accounts.

Unfortunately, it’s not uncommon for people’s email addresses to be leaked in what are, for lack of a better word, minor data breaches. So many apps and websites require us to provide email addresses, even if we don’t create an account. That information is stored and can be compromised. The same goes for usernames and passwords.

You can check if your email address — and related information — has been exposed in a data breach at https://haveibeenpwned.com/ . If your email address was part of a known breach, this page will let you know, as well as which data breach compromised your address and what other information may have been exposed as a result of the breach.

There are a few things we can do to protect ourselves: we use unique passwords for every site (we know, easier said than done), we use two-factor authentication, and we use special online security services like antivirus software to protect our information or credit monitoring to notify us when something happens.

The danger of modern life is that even the most basic things we do require us to provide personal information that is then stored electronically. And unfortunately, that information is never as secure as we would like it to be.