Cache of three billion background check records set to be sold online by cyber criminals

A stressed out hacker looking at a laptop screen
(Image credit: Yuri A/Shutterstock)

The cyber criminal organization known as USDoD has allegedly stolen 2.9 billion records from Florida based information broker National Public Data, which handles API searches for companies requesting background checks.

The database was first spotted online in April 2024 with a price tag of $3.5 million, and was later verified to be at least semi-genuine by experts at VX-Underground.

VX-Underground also believes that USDoD plans to leak the near 300GB database which mainly contains records of US citizens, but may also include data on people from other countries who have lived in the US, unless they did one simple thing.

USDoD leaks again

The information within the database contained sensitive personal information including full names, addresses and address history, social security numbers and detailed information on family members including the deceased.

Along with all of the disappointing insights VX-Underground provided, they did provide a nugget of good news, stating that “The database DOES NOT contain information from individuals who use data opt-out services. Every person who used some sort of data opt-out service was not present.”

USDoD was one of two cyber criminal groups involved in the leak of millions of Americans criminal records earlier this year, as well as the 3GB TransUnion database theft in 2023.

Leading malware removal tool creator Malwarebytes last month claimed that the USDoD group is looking to replace the BreachForums, which was taken down by the FBI in May but has since somehow returned.

Via TheRegister.

More from TechRadar Pro

Benedict Collins
Staff Writer (Security)

Benedict has been writing about security issues for over 7 years, first focusing on geopolitics and international relations while at the University of Buckingham. During this time he studied BA Politics with Journalism, for which he received a second-class honours (upper division),  then continuing his studies at a postgraduate level, achieving a distinction in MA Security, Intelligence and Diplomacy. Upon joining TechRadar Pro as a Staff Writer, Benedict transitioned his focus towards cybersecurity, exploring state-sponsored threat actors, malware, social engineering, and national security. Benedict is also an expert on B2B security products, including firewalls, antivirus, endpoint security, and password management.