This browser does not support the Video element.
A stunning data breach involving the personal information of virtually every American – including Social Security numbers – has raised serious concerns about what cyber criminals will do with the sensitive data.
The notorious hacking group USDoD claims to have stolen 2.9 billion personal records in the U.S., UK and Canada. If it’s true, nearly every American would have some of their information included in the leak.
The breach happened late last year at National Public Data, but hackers began sharing some of the stolen data publicly in April and again this summer, the company said on its website. National Public Data sells personal information to employers, private investigators, staffing agencies and others doing background checks, The Los Angeles Times reported.
Reports say the leak includes records dating back 30 years, and cybersecurity experts warn it could fuel a rise in identity theft, fraud and other cyber crimes.
Who is behind the data theft?
Hacking group USDoD claimed responsibility for the breach at National Public Data. The group was trying to sell the entire database for $3.5 million, but a USDoD member has reportedly released most of it for free on an online marketplace for stolen personal data, according to The Times.
FILE - A notorious hacking group claims to have stolen 2.9 billion personal records in the U.S., UK and Canada. (Photo Illustration by Thomas Imo/Photothek via Getty Images)
What can hackers do with your information?
A lot of the information included in the breach is what banks, insurance companies and other businesses use when creating accounts and changing user passwords.
RELATED: AT&T hack: ‘Nearly all' customers' call, text records exposed in data breach
Using your name, Social Security number, date of birth and mailing address, a cyber criminal could open fake accounts in your name or try to reset passwords on existing accounts.
Not everything was included in the leak: Hackers didn’t steal email addresses, driver’s license photos or passport photos, which are often used to verify identities.
How to see if your Social Security number was included in the breach
Cybersecurity firm Pentester has launched a tool online for you to see if you were part of the breach.
Go to npd.pentester.com, then enter your first and last name and birth year for a list of breached accounts, including the last four digits of the leaked Social Security numbers.
How to protect your personal information
This browser does not support the Video element.
There are steps you can take to safeguard your personal information in the wake of increasing cyber attacks.
Experts say to monitor credit reports for possible fraudulent activity and notify credit bureaus Experian, Equifax, and TransUnion if something looks suspicious.
RELATED: Live Nation investigates Ticketmaster data breach, customer data offered on dark web
If something does look suspicious, you can ask the credit bureaus to place a freeze on your accounts to prevent anyone from opening a bank account or obtaining a credit card under your name. But don’t forget to lift the freeze temporarily if you’re buying or applying for something that requires a credit check.
It’s also important to use two-factor authentication on all your accounts, avoid using the same passwords for different logins, and make sure to routinely change all your passwords.