Cache of three billion background check records set to be sold online by cyber criminals

A stressed out hacker looking at a laptop screen
(Image credit: Yuri A/Shutterstock)

The cyber criminal organization known as USDoD has allegedly stolen 2.9 billion records from Florida based information broker National Public Data, which handles API searches for companies requesting background checks.

The database was first spotted online in April 2024 with a price tag of $3.5 million, and was later verified to be at least semi-genuine by experts at VX-Underground.

VX-Underground also believes that USDoD plans to leak the near 300GB database which mainly contains records of US citizens, but may also include data on people from other countries who have lived in the US, unless they did one simple thing.

USDoD leaks again

The information within the database contained sensitive personal information including full names, addresses and address history, social security numbers and detailed information on family members including the deceased.

Along with all of the disappointing insights VX-Underground provided, they did provide a nugget of good news, stating that “The database DOES NOT contain information from individuals who use data opt-out services. Every person who used some sort of data opt-out service was not present.”

USDoD was one of two cyber criminal groups involved in the leak of millions of Americans criminal records earlier this year, as well as the 3GB TransUnion database theft in 2023.

Leading malware removal tool creator Malwarebytes last month claimed that the USDoD group is looking to replace the BreachForums, which was taken down by the FBI in May but has since somehow returned.

Via TheRegister.

More from TechRadar Pro

Benedict Collins
Staff Writer (Security)

Benedict has been writing about security issues for close to 5 years, at first covering geopolitics and international relations while at the University of Buckingham, where he read Politics with Journalism at undergraduate level before continuing his studies at a postgraduate level in Security, Intelligence and Diplomacy. Benedict made the jump to cybersecurity upon joining TechRadar Pro as a Staff Writer, focussing on state-sponsored threat actors, malware, social engineering, and national security.