One of the Millions Impacted in the USDoD Social Security Data Breach? Here’s What to Do Next.

Vivian Susko

Millions of individuals could be at the mercy of cybercriminals after a hacking group launched a large-scale data breach impacting 2.9 billion records, including Social Security numbers and other sensitive information.

The Los Angeles Times reported this week that full names, addresses, birth dates, phone numbers and even Social Security numbers could now be for sale on the dark web. Here’s what you need to know.

Behind-the-Scenes of the USDoD Social Security Breach

The USDoD breach was first believed to have happened in or around April 2024, when National Public Data (NPD), a Florida-based background check company, had the sensitive data of nearly three billion people stolen by a hacking group.

The stolen file includes 277.1 gigabytes of sensitive data dating back at least three decades, according to a class-action lawsuit filed in the U.S. District Court in Fort Lauderdale, Florida, reported by Bloomberg Law.

Flash forward, and there is now alleged evidence of these records for citizens of the U.S., U.K. and Canada being sold on the dark web. The files can be bought for $3.5 million and the credentials for the server are included, according to a post from a cybersecurity expert on X, formerly Twitter.

What Type of Attack was the USDoD Breach?

The USDoD breach is a cyberattack known as social engineering, where malicious actors manipulate people or scenarios to gain access to sensitive information. It is alleged that the hacker group USDoD used social engineering to exfiltrate unencrypted files from the background check company, National Public Data (NPD).

The company has not publicly confirmed a data breach, but The Los Angeles Times reported that it has been telling people who contacted it via email that “we are aware of certain third-party claims about consumer data and are investigating these issues.”

Your Social Security Number May Have Been Stolen: What Now?

If you suspect your information has been stolen or found on the dark web, taking immediate action can help you prevent fraud and protect against identity theft. Here are some of the short-term and long-term steps that can be taken to bolster your digital security.

Immediate Steps to Take After a Data Breach:

Update and Run Security Scans

Ensure your antivirus software is fully up to date, then run comprehensive security scans on all your devices, including computers, smartphones, and tablets.

Strengthen Your Passwords

Immediately update passwords for your bank accounts, email accounts, and any other services you use. Avoid using easily guessed information like birthdays or common words.

Enable Multi-Factor Authentication (MFA)

Wherever possible, activate multi-factor authentication (MFA) on your accounts. This adds an extra layer of security by requiring a second form of verification (such as a text message or authentication app) in addition to your password.

Monitor Financial Accounts and Credit Reports

Keep a close eye on your bank accounts and credit card statements for any unauthorized transactions. Report any suspicious activity to your financial institution immediately.

Bonus tip: taking the time to place a credit freeze could help protect your financial identity. Hackers often target individuals with strong credit to take out loans or open accounts in their names. A credit freeze essentially locks your credit report, preventing unauthorized parties from accessing your detailed information. This means that even if cybercriminals try to exploit your data, they won’t be able to see your credit history or use it to their advantage.

Beware of Phishing Attempts

Stay vigilant with your email and social media accounts, as cybercriminals often attempt to steal more information through phishing attacks following a breach. Be cautious of unsolicited messages, especially those asking for personal information or containing suspicious links.

Notify Affected Organizations

Contact companies or services where your data was compromised to inform them of the breach. They may offer additional security measures or advice to help protect your accounts.

Stay Informed

Stay updated on the details of the breach. Companies affected by data breaches often release information on what data was compromised and offer resources for affected customers.

Plan for the Future

And last, but certainly not least, start planning for the future with business continuity planning measures. Consider regularly backing up your important data and storing it securely offline. This can help you recover in case of future breaches or cyberattacks.

Long-Term Steps to Take After a Data Breach: Business Continuity Planning

Beyond staying proactive by educating yourself on cybersecurity best practices to prevent future incidents, having a comprehensive business continuity plan in place can significantly mitigate operational risks and help your teams navigate through disruptions effectively.

Your Business Continuity Plan should have the following foundational elements:

Risk Assessment and Business Impact Analysis (BIA)

It’s critical to understand your current dependencies on IT systems and the potential fallout from their failure.

Recovery Strategies

Developing plans to restore business functions as quickly as possible includes having backup systems, alternative work arrangements, and clear communication plans.

Plan Development and Testing

Creating a detailed response plan is step one. You then need to test it regularly to ensure its ongoing effectiveness.

Continuous Monitoring

Regularly monitor the performance and security practices of third-party vendors. Continuous assessment helps in identifying and mitigating risks before they materialize into significant issues.

And as interconnected risk continues to rise alongside our growing dependence on third-party vendors, business continuity planning is no longer a one-track task.

Robust Business Continuity Management (BCM) planning and software should now integrate and collaborate with your other core business functions, systems, and technologies. Take third-party risk management and policy management, for example. With the right BCM approach, you get better visibility and control over your:

Vendor Risk Assessment and Due Diligence

To evaluate the potential risks posed by third-party vendors and understand the risk profiles of all vendors involved in your supply chain.

Contractual Safeguards

To ensure that contracts with vendors include provisions for business continuity and disaster recovery. This includes service level agreements (SLAs) that specify response times and remediation processes in case of an outage.

Contingency and Liquidity Planning

Identify alternative vendors, establish redundant systems, and implement recovery procedures to ensure continuity of operations in the event of a crisis. Ensure you don’t face financial constraints while production is impacted by strategically allocating funds. One way to do this would be to quantify these risks and simulate value-at-risk (which shouldn’t exceed your risk-bearing capacity).

Stakeholder Communication

Maintain open communication channels with internal stakeholders, third-party vendors, regulatory authorities, and other relevant parties. Transparent communication facilitates the exchange of information, raises risk awareness, and enables prompt response to emerging threats or concerns.

While the exact fallout of this Social Security breach remains unclear, it’s a stark reminder that our personal data is more vulnerable than ever. Stay vigilant, monitor your accounts, and prioritize your digital security. By staying informed and prepared, we can reduce the impact of such breaches and safeguard our identities for the future.

Remember, in an age where information is power, your best defense is awareness. Don’t wait for the next breach to act — start protecting your personal information now.
