// breach analysis
Breach Analysis

What the National Public Data breach means for you

2.9 billion records. SSNs, addresses, full names. Here's what was actually exposed, who's at risk, and the exact steps you should take starting today.

April 1, 2026 8 min read By Baris Ayarkan
X / Twitter LinkedIn Facebook
2.9B
Records exposed
~270M
Unique SSNs reported
$1
Cost per record on dark web
Is your email in this breach?

Run a free scan to see if your data was exposed in National Public Data or any other breach.

Check my exposure →

What actually happened

National Public Data was a background-check and data-broker company that aggregated records from public sources court filings, voter registrations, address histories and sold access to third parties. In 2024, a threat actor known as USDoD claimed to have stolen roughly 2.9 billion records from their systems and put the data up for sale on a dark-web forum for $3.5 million.

Over the following months, portions of the dataset leaked for free. Security researchers confirmed the breach contained real, verifiable data. National Public Data eventually acknowledged the incident and the company subsequently filed for bankruptcy in late 2024.

⚠️
You don't have to be a customer to be affected

National Public Data collected records on most US adults through public sources. You likely never heard of them that doesn't mean your data wasn't in their database.

What data was exposed

Unlike password breaches where you can just rotate credentials, this breach involved identity data that doesn't change. That's what makes it more dangerous long-term.

Data TypeWhy it mattersRisk Level
Social Security NumbersCan be used to open new credit accounts, file fraudulent tax returns, impersonate youCRITICAL
Full Names + AliasesEnhances phishing attacks and identity fraudHIGH
Date of BirthUsed to answer security questions and verify identityHIGH
Current AddressEnables physical mail fraud, targeted scamsMEDIUM
Historical AddressesUsed to pass knowledge-based authenticationMEDIUM
Phone NumbersEnables SIM-swap attacks and targeted callsMEDIUM
💡
Why SSNs are so dangerous in this context

A password breach is recoverable change the password. An SSN breach is not. That 9-digit number follows you for life. Attackers can use it years later to pass identity checks at banks, insurance providers, and government systems.

The 5 steps to take right now

These steps are ordered by impact. Do them in order, the first two matter most.

Freeze your credit at all three bureaus

A credit freeze is free and blocks anyone from opening new credit in your name. Do all three: Equifax, Experian, and TransUnion. Also consider freezing at ChexSystems for bank account protection.

Place a fraud alert if you're not ready to freeze

A fraud alert is weaker than a freeze but still useful. You only need to file at one bureau they're required to notify the others. It prompts lenders to do extra identity verification.

Check IdentityTheft.gov if you see suspicious activity

The FTC's identitytheft.gov creates a personalized recovery plan if you've already seen misuse unauthorized accounts, tax issues, or debt collection notices you don't recognize.

Watch for unusual mail and phone calls

Unexpected account-verification letters, new card deliveries you didn't request, IRS notices about duplicate returns, or debt collection calls all are warning signs of ongoing identity fraud.

Review your financial accounts and credit reports

Check annualcreditreport.com for accounts you didn't open. Review bank and card statements for unfamiliar transactions. Set up transaction alerts if your bank supports them.

🛡️
Freezing doesn't block everything

A credit freeze stops new credit lines but doesn't prevent misuse of existing accounts, tax fraud, or Social Security benefit fraud. Stay vigilant across all financial touchpoints.

The long-term risk picture

Most identity fraud from large-scale breaches doesn't happen immediately. Stolen identity data gets packaged, resold, and used months or years after the original breach. The combination of name + DOB + SSN + address history is exactly what's needed to impersonate someone in front of a bank or government system.

This is why a one-time check isn't enough. Set a calendar reminder to review your credit report every 3 to 4 months, especially if you suspect you're in the dataset.

Monitor your email address for future breaches

DataLeakz monitors breach databases and alerts you when your email shows up in new leaks.

Start free monitoring →

Common questions

Was I affected even if I never used National Public Data?

Most likely yes, if you're a US adult. NPD aggregated data from public records voter registrations, court filings, property records not just their own customers. You never had to opt in.

My SSN was exposed. What's the worst that could happen?

The biggest risks are new accounts opened in your name, fraudulent tax returns claiming your refund, and Medicare/benefit fraud. A credit freeze prevents most financial fraud but not tax or benefit fraud — that requires additional vigilance with the IRS and SSA.

Is freezing my credit going to cause problems when I need to borrow?

No — you can lift and re-apply a freeze at any time, usually within minutes through each bureau's website. A temporary thaw for a specific lender costs nothing and takes a few minutes.

Sources

  1. Microsoft Support: National Public Data breach — What you need to know
  2. IBM Think: National Public Data breach publishes private data of billions of U.S. citizens
  3. FTC Consumer Advice: Credit freezes and fraud alerts — consumer.ftc.gov
  4. IdentityTheft.gov — FTC data-breach recovery guidance
// read next
Guide The 10-minute security audit every person should do Apr 5, 2026 · 6 min read Guide Password reuse is the real threat — here's how to fix it Apr 2, 2026 · 7 min read Security 2FA is not all equal — why SMS is your weakest link Apr 3, 2026 · 6 min read