A new class action lawsuit filed in Florida has revealed a massive data breach that reportedly left roughly 2.9 billion records compromised, including Social Security numbers, full names, and addresses.
[RELATED: Nearly All Maine Residents Victims of State Data Breach…]
“Plaintiff brings this Complaint against Defendant for its failure to properly secure and safeguard the personally identifiable information that it collected and maintained as part of its regular business practices. Upon information and belief, such sensitive information includes, but is not limited to, Plaintiffโs and Class Membersโ full names; current and past addresses (spanning at least the last three decades); Social Security numbers; information about parents, siblings, and other relatives,” said plaintiff Christopher Hofmann in his lawsuit.
The suit accuses background check company National Public Data (NPD) of failing to secure billions of records for people in the U.S., U.K., and Canada.
The breach allegedly affected people who did not voluntarily give their information to NPD, such as the plaintiff, who believes that the company acquired his private records from non-public sources.
“Plaintiff and Class Members are not current and former customers but are individuals who had the misfortune of having their PII targeted, mined and scraped by Defendant from non-public sources without their consent,” said the suit.
According to the suit, the records were obtained around April of this year by the cybercriminal group known as USDoD.
On April 8, the USDoD allegedly listed the 2.9 billion records for sale on the dark web forum known as “Breached,” setting the price at $3.5 million.
After listing the files for sale, the USDoD leaked the 277-gigabyte file for free, according to tech outlet BleepingComputer.
The lawsuit also cited claims by cybersecurity educator VX-Underground, which suggest that anyone who did not use some sort of data opt-out services could have been included in the breach, regardless of whether they knowingly interacted with NPD.
Hofmann’s suit demands that the defendant increase its security in the future and pay restitution for the harm caused by its failure to protect personal information.
Any new protections now will likely come too late to provide serious benefits, as the data has already been widely available to identity thieves since April.
In addition, the suit, which was filed on August 1, demands that the case be addressed in a trial by jury.
Was just notified about a breach at Change healthcare, someone id never heard of. They lost everything, ssn, drivers license #, address, birthdates, phone #s AND personnel health records. If you have ever been to a doctor Change has (or had) your records too. They recommend credit monitoring. Loosing health records has penalties unlike the other data. Hopefully with class action there’ll be enough $ for a beer or two.
Death penalty for cyber thieves and hackers .
Go catch them .
Bring them here .
Give them a trial ..
Publicly execute them .
Problem would go away .
Oh well!! There is a corps in charge of the Nuke Football & the Dizziest broad God ever made looking to take his place.
This is just as brainless as triad weed
Country hasn’t existed long enough to have three billion records.
There is no dark web, there is only FBI