I didn’t take a recently reported data breach very seriously until The Epoch Times published an article describing the problem and providing immediate action resources.  Using the provided tools, I found that all of my family members and I are victims of the breach.

But we are hardly alone. That 2023-2024 data breach affects at least 1.3 million people who are in U.S.-based systems. Are you one of them?

What happened

Reportedly a cybercrime organization, “USDoD,” hacked the data protection company, National Public Data (NPD), and obtained upwards of 2.9 billion records relating to 1.3 million people. The records contain names, Social Security numbers (SSN), addresses, dates of birth and phone numbers of individuals accumulated over at least 30 years. The cache of data was offered for sale on the dark web for $3.5 million.

The combination of your name, the “last four” of your SSN and your date of birth (DOB) will permit access to many health databases. Many financial institutions require this same information for access along with a current address to open your banking and investment data to you — or maybe a caller impersonating you.

This is not a drill.

Has your data been hacked?

You can immediately check whether your data was stolen by visiting npd.pentester.com. There you can enter your name, your year of birth, and the state(s) where you have lived. The site quickly delivers a report of people with your name, their addresses, phone numbers, and the last two digits of the SSN. You can see whether you’re implicated.

What about the data integrity of your email?

You can also check the compromise of information associated with your email address(es) quickly using pentester.com. For long time users of email like me (since 1994), this one may be an unwelcome surprise. The Pentester system offers a free check of your email address(es) as well as paid services to help monitor further email implications, along with erasing at least some of the online presence of compromised data.

How to reduce identity theft and privacy risks

If what you see is a source of concern, here are two good countermoves you can make immediately:

1. Put a free Credit Freeze on your name and SSN with the three credit bureaus. You can also place a free Fraud Alert with those bureaus. The NPD.Pentester site supplies the contact information at the bottom past your search results. The Experian site provides similar contact info without having to do a search first.

2. The Experian site also describes additional identity and credit protection avenues, such as the National Consumer Telecom and Utilities Exchange (NCTUE) report and the ChexSystems report. These resources, which allow you to freeze your financial information in more dimensions, is worth considering.

3. Consider services like LifeLock and Zander. These services regularly report 24/7 on suspicious financial transactions and dark web appearances of your information. They can also help if data misuse occurs. Both systems are cost effective. Personally, I have used LifeLock for nearly 20 years and it has worked well. Another is offered by Zander Insurance, which I have used in the past. There may be others, of course.

How likely are AI-powered identity attacks?

If you’ve never done online identity or find-a-person searches before, the Pentester search results may surprise you. You’ll see how computer systems — unknown to you — have tried to connect people by common addresses, names, and phone numbers. You’ll find people at your address whom you’ve never known, for example. You may see incorrect SSNs associated with your name, and family members at addresses where they have never lived.

Now, with AI-powered systems, criminals can attempt thousands of data breaches daily, using online inquiry systems or human audio impersonations. Moreover, AI systems could analyze the huge database of stolen identities to refine their knowledge. Highly reliable targeted attacks could be launched continuously. After you’ve examined your personal data integrity losses, sit back to consider the huge risks posed when all the data needed is at the AI criminal software’s digital fingertips.

And when a government promises “your data is safe with us,” you should likewise ask: Really?