(NewsNation) — Public advocates fear that a possible tsunami of identity theft is coming after a hacking group claims it was able to steal nearly three billion personal records, including social security numbers.
The theft happened in April, according to a class-action lawsuit filed in federal court in Fort Lauderdale, Florida. It says the hacking group known as USDoD stole the records from National Public Data, which offers personal information to employers, private investigators and others who do background checks.
USDoD reportedly tried to sell the data for $3.5 million but has now posted most of it for free on an online exchange for stolen personal data. It claims to have 2.9 billion records containing personal data from everyone in the U.S., Canada and the U.K., though those populations add up to roughly 440 million.
Several news sites have examined portions of the data and reported that they appear to be real people’s information. National Public Data has not responded to numerous media requests for comment.
According to the website Bleeping Computer, “Each record consists of the following information – a person’s name, mailing addresses, and Social Security number, with some records including additional information, like other names associated with the person. None of this data is encrypted.”
Experts say the most effective action you can take right now is to freeze your credit files at the three major credit bureaus: Experian, Equifax and TransUnion. That will prevent others from signing up for credit cards or opening other financial accounts in your name.
But if you want to apply for something that requires a credit check, you will need to lift the freeze.
One big warning: don’t respond to an unsolicited email that claims to be from one of the credit bureaus. Experts say it’s probably a scammer claiming to “save” you from the other scammers.
There are also fee-based services that monitor your accounts and monitor the dark web.