Close Menu
TechBrunchTechBrunch
  • Home
  • AI
  • Apps
  • Crypto
  • Security
  • Startups
  • TechCrunch
  • Venture

Subscribe to Updates

Subscribe to our newsletter and never miss our latest news

Subscribe my Newsletter for New Posts & tips Let's stay updated!

What's Hot

One of Elon Musk's longtime VCS is suing his former employer after allegedly fired

May 8, 2025

Korean telephone giant SKT data breaches timeline

May 8, 2025

AppFigures: Apple earned more than $10 billion from its US App Store commission last year

May 8, 2025
Facebook X (Twitter) Instagram
TechBrunchTechBrunch
  • Home
  • AI

    OpenAI seeks to extend human lifespans with the help of longevity startups

    January 17, 2025

    Farewell to the $200 million woolly mammoth and TikTok

    January 17, 2025

    Nord Security founder launches Nexos.ai to help enterprises move AI projects from pilot to production

    January 17, 2025

    Data proves it remains difficult for startups to raise capital, even though VCs invested $75 billion in the fourth quarter

    January 16, 2025

    Apple suspends AI notification summaries for news after generating false alerts

    January 16, 2025
  • Apps

    AppFigures: Apple earned more than $10 billion from its US App Store commission last year

    May 8, 2025

    Instagram thread gets video ads

    May 8, 2025

    Google deploys AI tools to protect Chrome users from fraud

    May 8, 2025

    Match to lay off 13% of staff

    May 8, 2025

    Apple tries to delay ruling that it will prohibit cutting payments for external apps

    May 8, 2025
  • Crypto

    Stripe unveils AI Foundation model for payments, revealing a “deeper partnership” with Nvidia

    May 7, 2025

    Movie Pass explores the daily fantasy platform of film buffs

    May 1, 2025

    Speaking on TechCrunch 2025: Application is open

    April 24, 2025

    Revolut, a $45 billion Neobank, recorded a profit of $1 billion in 2024

    April 24, 2025

    The new kids show will come with a crypto wallet when it debuts this fall

    April 18, 2025
  • Security

    Korean telephone giant SKT data breaches timeline

    May 8, 2025

    Powerschool paid the hacker ransom, but now the school says it's being forced

    May 8, 2025

    VC Company Insight Partners Review Personal Data Stolen During a January Hack

    May 8, 2025

    Crowdstrike says it will fire 500 workers

    May 7, 2025

    Ox Security lands fresh $60 million to scan code vulnerabilities

    May 7, 2025
  • Startups

    7 days left: Founders and VCs save over $300 on all stage passes

    March 24, 2025

    AI chip startup Furiosaai reportedly rejecting $800 million acquisition offer from Meta

    March 24, 2025

    20 Hottest Open Source Startups of 2024

    March 22, 2025

    Andrill may build a weapons factory in the UK

    March 21, 2025

    Startup Weekly: Wiz bets paid off at M&A Rich Week

    March 21, 2025
  • TechCrunch

    OpenSea takes a long-term view with a focus on UX despite NFT sales remaining low

    February 8, 2024

    AI will save software companies' growth dreams

    February 8, 2024

    B2B and B2C are not about who buys, but how you sell

    February 5, 2024

    It's time for venture capital to break away from fast fashion

    February 3, 2024

    a16z's Chris Dixon believes it's time to focus on blockchain use cases rather than speculation

    February 2, 2024
  • Venture

    One of Elon Musk's longtime VCS is suing his former employer after allegedly fired

    May 8, 2025

    Sequoia leads a $1.5 billion tender offer for sales automation startup clay

    May 8, 2025

    Bosch Ventures is turning attention to North America with a new $270 million fund

    May 8, 2025

    A comprehensive list of 2025 tech layoffs

    May 7, 2025

    Kapor Capital's managing partner Ulili Onovakpuri has left the company

    May 7, 2025
TechBrunchTechBrunch

The mystery of data broker data breaches

TechBrunchBy TechBrunchJune 11, 20244 Mins Read
Facebook Twitter Pinterest Telegram LinkedIn Tumblr WhatsApp Email
Share
Facebook Twitter LinkedIn Pinterest Telegram Email


Since April, hackers with a history of selling stolen data have claimed to have leaked billions of records from a US data broker, affecting at least 300 million people, in what could be one of the biggest data breaches this year.

The data reviewed by TechCrunch is incomplete, but appears to be partially legitimate in itself: Advertised on a popular cybercrime forum, the stolen data is years old and purported to include full names, home address histories, and Social Security numbers of US citizens, data that is widely sold by data brokers.

However, verifying the source of the suspected data theft proved inconclusive – such is the nature of the data broker industry, which gobbles up individuals' personal data from a variety of sources with little to no quality control.

According to the hackers, the data broker in question is National Public Data, which describes itself as “one of the largest providers of public records on the Internet.”

On its official website, National Public Data claimed to sell access to several databases, including a “People Finder” that allows customers to search by Social Security number, name, date of birth, address, and phone number, a database of U.S. consumer data covering more than 250 million individuals, a database of voter registration data containing information on 100 million U.S. citizens, and a criminal records database.

Malware research group vx-underground said on X (formerly Twitter) that they had examined the stolen database in its entirety and “can confirm that the data it contains is authentic and accurate.”

“We searched for several individuals who agreed to have their information looked up,” the group wrote, adding that they were able to find information about those people, including names, address history going back more than 30 years, and Social Security numbers.

“I was also able to find my parents and siblings. [sic] “Parents, deceased relatives, uncles, aunts, cousins,” vx-underground wrote.

TechCrunch conducted a similar effort to verify the data's authenticity, with mixed results.

Contact Us Do you have more information about this or similar incidents? You can securely contact Lorenzo Franceschi-Bicchierai from a non-work device on Signal (+1 917 257 1382), Telegram, Keybase, Wire @lorenzofb, or email. You can also contact Zulkarnain Saer Khan on Signal (+36707723819), X @ZulkarnainSaer. You can also contact TechCrunch via SecureDrop.

In examining a small sample of 5 million records, we found a large number of names and addresses that matched corresponding public records. But we also found some data that didn't necessarily make sense, such as email addresses with different names, that didn't clearly relate to the rest of the associated individual's data. Some of the records even purportedly contained information about prominent people, including the personal data of a former U.S. president.

TechCrunch provided the names of the eight consenting individuals to the US Department of Defense, the hackers selling the data, in an attempt to verify whether the hackers actually had legitimate data. The hackers never returned any of the eight individuals' data.

TechCrunch also contacted 100 people whose phone numbers and email addresses were included in the sample, and only one responded, confirming that some, but not all, of the allegedly stolen data was accurate.

Direct inquiries to the sources of the alleged data theft did not yield many answers.

Despite multiple attempts to contact the company, National Public Data has not responded, nor has its founder and CEO, Salvatore Verini. After TechCrunch first contacted National Public Data last week, the company removed website pages that contained details of the databases to which it sells access.

Not all data breaches claimed by hackers are real, especially those touted on hacking forums, which is why TechCrunch and other cybersecurity reporters often spend a great deal of time verifying data breaches, an effort that sometimes ends inconclusively.

However, this alleged breach by data brokers appears to be an exceptional case as some of the data is genuine and some has already been verified.

The proliferation and commoditization of personal data across the data broker industry makes identifying the source of a data leak even more difficult, and even if this particular data breach remains unresolved, it further demonstrates that the data broker industry is out of control and creating real privacy issues for ordinary people.

While we weren't able to definitively solve the mystery of this data breach, we did have enough information to allow us to elaborate on our investigation. One thing is clear: as long as data brokers are collecting personal information, there remains a risk that it will be leaked.



Source link

Share. Facebook Twitter Pinterest LinkedIn Tumblr Email

Related Posts

Korean telephone giant SKT data breaches timeline

May 8, 2025

Powerschool paid the hacker ransom, but now the school says it's being forced

May 8, 2025

VC Company Insight Partners Review Personal Data Stolen During a January Hack

May 8, 2025

Crowdstrike says it will fire 500 workers

May 7, 2025

Ox Security lands fresh $60 million to scan code vulnerabilities

May 7, 2025

NSO Groups must pay WhatsApp more than $167 million in damages for Spyware Campaign

May 6, 2025

Leave A Reply Cancel Reply

Top Reviews
Editors Picks

7 days left: Founders and VCs save over $300 on all stage passes

March 24, 2025

AI chip startup Furiosaai reportedly rejecting $800 million acquisition offer from Meta

March 24, 2025

20 Hottest Open Source Startups of 2024

March 22, 2025

Andrill may build a weapons factory in the UK

March 21, 2025
About Us
About Us

Welcome to Tech Brunch, your go-to destination for cutting-edge insights, news, and analysis in the fields of Artificial Intelligence (AI), Cryptocurrency, Technology, and Startups. At Tech Brunch, we are passionate about exploring the latest trends, innovations, and developments shaping the future of these dynamic industries.

Our Picks

One of Elon Musk's longtime VCS is suing his former employer after allegedly fired

May 8, 2025

Korean telephone giant SKT data breaches timeline

May 8, 2025

AppFigures: Apple earned more than $10 billion from its US App Store commission last year

May 8, 2025

Subscribe to Updates

Subscribe to our newsletter and never miss our latest news

Subscribe my Newsletter for New Posts & tips Let's stay updated!

© 2025 TechBrunch. Designed by TechBrunch.
  • Home
  • About Tech Brunch
  • Advertise with Tech Brunch
  • Contact us
  • DMCA Notice
  • Privacy Policy
  • Terms of Use

Type above and press Enter to search. Press Esc to cancel.