Back in April, an infamous and sadly industrious threat actor by the name of USDoD offered the personal data of nearly 3 billion people for sale.
At the time, the alleged data breach of background-checking firm National Public Data didn’t grab much attention, but it’s in the headlines now following the filing of a lawsuit against the firm for failing to protect the data the company had in its possession.
The issue with the data was that it was scraped from other websites and “non-public sources” without the knowledge of the people whose data was being collected. The lead plaintiff in the lawsuit, a California man, was only made aware his data had been compromised when he was contacted by his identity-theft protection agency on 24 July, months after the data had been offered for sale on a popular clear web hacking forum.
Read the rest of the story at cyberdaily.