Everything You Need To Know To Protect Yourself – Technologist
Florida-based background check company National Public Data (NPD) recently announced that sensitive information that it had stored on billions (yes, billions) of Americans was hacked.
“I’m getting a lot of questions about this massive data breach, which may be the second-largest data breach in history,” says money expert Clark Howard. “This is the kind of thing that we are so numb to but we ignore this at our peril.”
If you are affected, you may wonder what steps to take to safeguard your information. Read on.
National Public Data Breach: What To Know and Do
In this article, we’ll cover everything you need to do in light of the National Public Data breach. We’ll also get some tips from Clark and how to protect ourselves.
Quick Guide: NPD Hack
National Public Data first notified people of the massive data hack in August, months after the information was stolen.
“There appears to have been a data security incident that may have involved some of your personal information,” National Public Data says on its website. “The incident is believed to have involved a third-party bad actor that was trying to hack into data in late December 2023, with potential leaks of certain data in April 2024 and summer 2024.”
Sensitive information accessed includes people’s names, email addresses, phone numbers, Social Security numbers and postal addresses, according to NPD. The breach may involve as many as 3 billion Americans and cybercrooks are selling the stolen data on the dark web for $3.5 million, according to a proposed class-action lawsuit.
How Can I Tell if My Information Was Involved in the Data Breach?
You can check whether your information was involved in the data breach by going online and inputting some minimal information. I visited the websites below and didn’t input my Social Security number. Neither should you.
- HaveIBeenPwned.com is a free resource that uses your email address to see if any of your online accounts may have been compromised or “pwned” in a data breach.
- npdbreach.com is a website set up by online privacy company Atlas Privacy and is part of the Data Dividend Project. It uses name, ZIP Code, SSN (don’t enter) or phone number to see if you’ve been compromised.
- npd.pentester.com is a website set up by the Pentester cybersecurity company. It uses your name, state and birth year to scan the web to see if your information pops up.
I put my information in all three sites and the results came back indicating that some of my records, like billions of others, were among those in the National Public Data trove and other data breaches.
What Should I Do If My Social Security Number Was Compromised?
If your Social Security number was compromised, it’s a good idea to request to Block Electronic Access to your account through the Social Security Administration (SSA). You can do this by calling the SSA at 1-800-772-1213. If you are deaf or hard of hearing and use TTY equipment, you can use their (TTY) number, 1-800-325-0778.
On the agency’s website, SSA.gov, it says, “Once requested, any automated telephone and electronic access to your Social Security record is blocked. No one, including you, will be able to see or change your personal information on the Internet or through our automated telephone service. If you have requested that we block access to your record and later change your mind, you can contact us and ask to have the block removed. You will need to prove your identity when you call.”
To report any incidents of fraud or abuse, the SSA says you can submit a report online with the Office of Inspector General at oig.ssa.gov or call their fraud hotline at 1-800-269-0271.
Also, depending on the extent to which your information was compromised, you may have to get law enforcement involved, especially if your identity was stolen. Read our definitive Identity Theft Guide on how to protect yourself.
Can I Put a Freeze on My Social Security Number?
While you can’t “freeze” your Social Security number, you can take steps to prevent anyone from accessing or changing your benefits.
One way to do that is to set up a Direct Deposit Fraud Prevention block, which the SSA says “prevents anyone, including you, from enrolling in direct deposit or changing your address or direct deposit information through my Social Security or a financial institution (via auto-enrollment).”
To set up a Direct Deposit Fraud Prevention block, you need to create a my Social Security account at SSA.gov, if you haven’t already. Read our step-by-step guide on how to set up a my Social security account.
Clark says that you should have a my Social Security account sooner rather than later in life.
“Most people won’t pay attention to this until age 50,” Clark says. “But I want you to have an account by age 30.”
And while you can’t freeze your Social Security number, you can freeze your credit, which Clark says, is the best way to protect yourself from identity thieves. More on that below.
How Can I Protect Myself From Future Data Breaches?
If your information has been compromised in a data breach, you will probably receive a morass of company or credit bureau correspondence that promises a remedy.
Important: Resist the Urge To Sign Up for Worthless Credit-Protection Services
“Every time a company has an ugly data breach, the lawyers send this letter: ‘Blah, blah, blah, company may have suffered a data breach and your information may have been included in the breach, blah, blah, blah, what we’re doing for you is we’re offering you one to two years of worthless credit monitoring, go have a nice life,’” Clark says.
Companies and credit bureaus today waste little time capitalizing on data breaches by using them to promote their credit-monitoring and fraud alert services, which Clark says only creates more opportunities for your information to be compromised. A credit freeze is vastly superior to any other protection being offered out there.
When it comes to fraud alerts, Clark says, “If you want to pretend to do something to protect yourself that does absolutely nothing? You put in a fraud alert with Equifax, TransUnion and Experian. The least harm to the credit bureaus’ revenue is for you to do a worthless fraud alert — it doesn’t do anything for you. That’s window dressing.”
And it is the same with credit locks. “A credit lock is this Frankenstein’s monster that Equifax, TransUnion and Experian have created, where they still build the dossiers on you, and sell off your information over and over and over, which, again creates another layer of risk of that information falling in the wrong hands and doing more havoc in your life,” Clark says.
Plus, credit locks cost money. Read about the differences between a credit lock and a credit freeze. (Spoiler alert: Don’t waste your time or money on a credit lock. But, a credit freeze is critical.)
With the increasing frequency of cybersecurity hacks and data breaches, it’s becoming more difficult to 100% safeguard your financial information and identity. However, there are some proactive steps you can take to reduce your chances:
1. Monitor & Freeze Your Credit
Check out Clark’s comprehensive Credit Freeze Guide for all the steps. It’ll also show you how to temporarily lift or “thaw” your credit when you need to.
2. Create a Strong Password
Make it difficult for crooks to access your online accounts by creating strong passwords. If you’re using the same password on multiple accounts, change your passwords to prevent any hacks.
Our guide on how to create a strong password says, “Choose a password that is at least 12 characters long. The longer the better. Websites have certain requirements for passwords. Most reputable sites will require a minimum number of characters, but most allow you to use more than what is recommended. If you have that option, take it.”
Clark is also an advocate for password managers, which come up with complex combinations for you.
“The way most of us, as humans, create passwords … we’re creating so much danger for ourselves,” says Clark. “Using a password manager, even though there’s a possibility they’ll be hacked, is vastly superior to the terrible passwords we use over and over again.”
Read our guide on the best password managers.
3. Watch Out for Scams
Have a keen ear for potential scams, including people who contact you allegedly on behalf of the SSA. It is likely a scam, if anyone calls, emails or texts you about any of the following issues:
- A problem with your Social Security number or your benefits, including saying that they’re frozen unless you take action
- Requests for payment (including gift cards, wire transfers, PayPal or other electronic payment forms)
- Threats or scare tactics to pressure you into making a rush decision (such as threatening jail time or legal action if you do not comply)
Read up on more Social Security scams and how to avoid them.
SSA.gov says, “We want to make one thing perfectly clear: Social Security will not send you an email asking you to give us your personal information, such as your Social Security number, date of birth, or other private information. If someone saying they are from Social Security does email you requesting information, don’t respond to the message. Instead, contact your local Social Security office or call us at 1-800-772-1213 (TTY 1-800-325-0778) to see whether we really need any information from you.”
4. Don’t Click on Any Suspicious Links via Email or Text
If you’ve received a text message from someone you don’t know, Clark says, “Note what it says, but do not click on any link in it.”
5. Don’t Give Out Any Sensitive Information Via Phone Call
6. Set Up Two–Factor Authentication
If you haven’t already, you should bolster your financial accounts by setting up two-factor authentication, which works by having you verify your identity two different ways, typically by sending a code to your phone or email address.
If you have two-factor authentication set up on your phone, Clark suggests using a second device so that if you lose your phone or it’s stolen, the code goes to an email you can access independently of your phone.
For my two-factor authentication, I use the Microsoft Authenticator app, available for Android and iOS, which generates a temporary code every 30 seconds.
Final Thoughts
The National Public Data hack is a big one, but it won’t be the last. Bookmark this page in your web browser so that you can get back to it easily.
“We get passive and we get zoned out about data breaches because they just keep coming at us like ocean waves,” Clark says, but it’s important to stay vigilant and protect yourself.
Know that even if you weren’t affected by this breach your information is probably out there from another one. Be mindful of scammers trying to collect additional information on you to gain access to your accounts and identity. A little prevention can go a long way.
Why Venture Capital Funds Beat Investing In Single Companies – Technologist
Zacks Small Cap Research – VNRX: Nu.Q Vet Test is now available in 17 countries. Cost cutting continues in a plan to be cash flow neutral in 2025. Management focused on signing licensing deals for Capture-PCR (human cancer detection method) and Nu.Q NET for sepsis. $7.0 million financing completed. – Technologist
Careful Giving Up Your Career To Be A Stay-At-Home Parent- Financial Samurai – Technologist
About The Author
admin
Azeem Rajpoot, the author behind Technolo Gist, is a passionate tech enthusiast with a keen interest in exploring and sharing insights about the rapidly evolving world of technology. With a background in Technologist, Azeem brings a unique perspective to the blog, offering in-depth analyses, reviews, and thought-provoking articles. Committed to making technology accessible to all, Azeem strives to deliver content that not only keeps readers informed about the latest trends but also sparks curiosity and discussions. Follow Azeem on this exciting tech journey to stay updated and inspired.
