{
	"id": "33883982-1a9a-4c88-bb0f-d24b123e355c",
	"created_at": "2026-04-06T00:07:32.162084Z",
	"updated_at": "2026-04-10T03:28:09.05955Z",
	"deleted_at": null,
	"sha1_hash": "f8bacfbf92c29b96a41c07996e847a6fbb6e0bc1",
	"title": "Hackers leak 2.7 billion data records with Social Security numbers",
	"llm_title": "",
	"authors": "",
	"file_creation_date": "0001-01-01T00:00:00Z",
	"file_modification_date": "0001-01-01T00:00:00Z",
	"file_size": 1854712,
	"plain_text": "Hackers leak 2.7 billion data records with Social Security numbers\r\nBy Lawrence Abrams\r\nPublished: 2024-08-11 · Archived: 2026-04-05 20:45:53 UTC\r\nAlmost 2.7 billion records of personal information for people in the United States were leaked on a hacking forum, exposing\r\nnames, social security numbers, all known physical addresses, and possible aliases.\r\nThe data allegedly comes from National Public Data, a company that collects and sells access to personal data for use in\r\nbackground checks, to obtain criminal records, and for private investigators.\r\nNational Public Data is believed to scrape this information from public sources to compile individual user profiles for people\r\nin the US and other countries.\r\nhttps://www.bleepingcomputer.com/news/security/hackers-leak-27-billion-data-records-with-social-security-numbers/\r\nPage 1 of 4\n\n0:00\r\nhttps://www.bleepingcomputer.com/news/security/hackers-leak-27-billion-data-records-with-social-security-numbers/\r\nPage 2 of 4\n\nVisit Advertiser websiteGO TO PAGE\r\nIn April, a threat actor known as USDoD claimed to be selling 2.9 billion records containing the personal data of people in\r\nthe US, UK, and Canada that was stolen from National Public Data.\r\nAt the time, the threat actor attempted to sell the data for $3.5 million and claimed it contained records for every person in\r\nthe three countries.\r\nUSDoD is a known threat actor who was previously linked to an attempted sale of InfraGard's user database in December\r\n2023 for $50,000.\r\nBleepingComputer, at the time, contacted National Public Data and never received a response to our email.\r\nStolen data leaked for free\r\nSince then, various threat actors have released partial copies of the data, with each leak sharing a different number of records\r\nand, in some cases, different data.\r\nOn August 6th, a threat actor known as \"Fenice\" leaked the most complete version of the stolen National Public Data data\r\nfor free on the Breached hacking forum. \r\nHowever, Fenice says the data breach was conducted by another threat actor named \"SXUL,\" rather than USDoD.\r\nNational Public Data data leaked on a hacking forum\r\nSource: BleepingComputer\r\nThe leaked data consists of two text files totaling 277GB and containing nearly 2.7 billion plaintext records, rather than the\r\noriginal 2.9 billion number originally shared by USDoD.\r\nWhile BleepingComputer can't confirm if this leak contains the data for every person in the US, numerous people have\r\nconfirmed to us that it included their and family members' legitimate information, including those who are deceased. \r\nEach record consists of the following information - a person's name, mailing addresses, and social security number, with\r\nsome records including additional information, like other names associated with the person. None of this data is encrypted.\r\nPreviously leaked samples of this data also included phone numbers and email addresses, but these are not included in this\r\n2.7 billion record leak. \r\nIt is important to note that a person will have multiple records, one for each address they are known to have lived. This also\r\nmeans that this data breach did not impact 3 billion people as has been erroneously reported in many articles that did not\r\nproperly research the data.\r\nSome people have also told BleepingComputer that their social security numbers were associated with other people they\r\ndon't know, so not all the information is accurate.\r\nhttps://www.bleepingcomputer.com/news/security/hackers-leak-27-billion-data-records-with-social-security-numbers/\r\nPage 3 of 4\n\nFinally, this data may be outdated, as it does not contain the current address for any of the people we checked, potentially\r\nindicating that the data was taken from an old backup.\r\nThe data breach has led to multiple class action lawsuits against Jerico Pictures, which is believed to be doing business\r\nas National Public Data, for not adequately protecting people's data.\r\nIf you live in the US, this data breach has likely leaked some of your personal information.\r\nAs the data contains hundreds of millions of social security numbers, it is suggested that you monitor your credit report for\r\nfraudulent activity and report it to the credit bureaus if detected.\r\nFurthermore, as previously leaked samples also contained email addresses and phone numbers, you should be vigilant\r\nagainst phishing and SMS texts attempting to trick you into providing additional sensitive information.\r\nAutomated Pentesting Covers Only 1 of 6 Surfaces.\r\nAutomated pentesting proves the path exists. BAS proves whether your controls stop it. Most teams run one without the\r\nother.\r\nThis whitepaper maps six validation surfaces, shows where coverage ends, and provides practitioners with three diagnostic\r\nquestions for any tool evaluation.\r\nSource: https://www.bleepingcomputer.com/news/security/hackers-leak-27-billion-data-records-with-social-security-numbers/\r\nhttps://www.bleepingcomputer.com/news/security/hackers-leak-27-billion-data-records-with-social-security-numbers/\r\nPage 4 of 4",
	"extraction_quality": 1,
	"language": "EN",
	"sources": [
		"ETDA"
	],
	"references": [
		"https://www.bleepingcomputer.com/news/security/hackers-leak-27-billion-data-records-with-social-security-numbers/"
	],
	"report_names": [
		"hackers-leak-27-billion-data-records-with-social-security-numbers"
	],
	"threat_actors": [
		{
			"id": "80edca9f-dcd6-491e-92f3-87ad1f575631",
			"created_at": "2023-10-14T02:03:14.694988Z",
			"updated_at": "2026-04-10T02:00:05.021046Z",
			"deleted_at": null,
			"main_name": "NetSec",
			"aliases": [
				"NetSec",
				"Operation Data Breach",
				"ScarFace_TheOne",
				"USDoD"
			],
			"source_name": "ETDA:NetSec",
			"tools": [],
			"source_id": "ETDA",
			"reports": null
		},
		{
			"id": "82a51997-1402-41c3-86df-6f9e522b2ba8",
			"created_at": "2024-04-27T02:00:03.554045Z",
			"updated_at": "2026-04-10T02:00:03.63698Z",
			"deleted_at": null,
			"main_name": "USDoD",
			"aliases": [],
			"source_name": "MISPGALAXY:USDoD",
			"tools": [],
			"source_id": "MISPGALAXY",
			"reports": null
		}
	],
	"ts_created_at": 1775434052,
	"ts_updated_at": 1775791689,
	"ts_creation_date": 0,
	"ts_modification_date": 0,
	"files": {
		"pdf": "https://archive.orkl.eu/f8bacfbf92c29b96a41c07996e847a6fbb6e0bc1.pdf",
		"text": "https://archive.orkl.eu/f8bacfbf92c29b96a41c07996e847a6fbb6e0bc1.txt",
		"img": "https://archive.orkl.eu/f8bacfbf92c29b96a41c07996e847a6fbb6e0bc1.jpg"
	}
}