What is National Public Data Breach?
A 2024 data breach at background check company National Public Data that exposed up to 2.9 billion records including Social Security numbers, names, and addresses — potentially affecting nearly every American, Canadian, and British citizen.
Also known as: NPD Breach, National Public Data Hack, NPD Data Leak, 2.9 Billion Record Breach
The National Public Data breach may be the most consequential data breach in history — 2.9 billion records from a company most people have never heard of, containing the Social Security numbers of virtually every American.
What Happened
- December 2023: Threat actor "USDoD" allegedly scraped National Public Data's systems
- April 2024: A sample of the stolen data appeared on dark web forums
- August 2024: The full dataset was posted on a hacking forum — 2.9 billion records, 277 GB uncompressed
- National Public Data (owned by Jerico Pictures) confirmed the breach after class action lawsuits were filed
- The company filed for bankruptcy in October 2024
What Was Exposed
- Full legal names
- Social Security numbers
- Physical addresses (current and historical, spanning decades)
- Dates of birth
- Phone numbers
- Multiple records per person — some individuals appeared 5-6 times with different addresses
Why This Breach Is Different
You Never Consented
Unlike a breach at a service you signed up for, National Public Data collected your information without your knowledge or consent. They scraped public records, compiled profiles, and sold background check access — and you had no idea they existed.
The Data Is Permanent
Social Security numbers, birth dates, and address histories cannot be changed. This data will be exploited for identity theft and fraud for decades.
Nearly Universal Impact
With 2.9 billion records covering US, Canadian, and British citizens, this breach likely contains data on virtually every adult in those countries.
What You Should Do
- Freeze your credit at Equifax, Experian, and TransUnion immediately (free)
- Monitor your credit for unauthorized accounts
- Use identity theft monitoring — watch for new accounts opened in your name
- Assume your SSN is compromised and act accordingly
- Remove your data from brokers — use services like those at /remove to opt out of people search sites
- Set up IRS Identity Protection PIN to prevent tax fraud
Related Terms
Data Breach
A security incident where protected, sensitive, or confidential data is accessed, stolen, or exposed by unauthorized individuals. Data breaches can result from hacking, insider threats, lost devices, or misconfigured systems.
Data Broker
A company that collects personal information from various sources, aggregates it into detailed profiles, and sells it to third parties. Data brokers operate largely in the shadows, compiling information about people who often don't know they exist.
Equifax Data Breach
A 2017 data breach at credit bureau Equifax that exposed the personal and financial data of 147 million Americans — including Social Security numbers, birth dates, and addresses — making it one of the most damaging breaches in history.
Identity Theft
The fraudulent use of someone's personal information — such as Social Security number, credit card details, or login credentials — to commit crimes or financial fraud.
People Search Sites
Websites that aggregate and sell personal information including addresses, phone numbers, relatives, and criminal records, making anyone's details available for a small fee.
Have more questions?
Use our guided flow to get the right next privacy step for National Public Data Breach.
Open Guided Flow