The Mystery Surrounding a Suspected Data Trafficker's Data Theft | TechCrunch - Latest Global News


Since April, a hacker who has previously sold stolen data has claimed that billions of records were stolen from a US data broker, affecting at least 300 million people, making it one of the largest alleged data breaches of the year.

The data TechCrunch was able to view appears at least partially legitimate, if imperfect. The stolen data, advertised on a popular cybercrime forum, is reportedly years old and includes U.S. citizens’ full names, their previous home addresses, and their Social Security numbers, the kind of data that data brokers everywhere offer for sale.

However, the source of the alleged data theft could not be clearly confirmed. This is the nature of the data brokering industry, which hoovers up individuals’ personal data from a variety of sources with little to no quality control.

According to the hacker, the alleged data broker in question is National Public Data, which describes itself as “one of the largest providers of public records on the Internet.”

On its official website, National Public Data claimed to sell access to several databases: a “people search” where customers can search by Social Security number, name and date of birth, address, or phone number; a database of U.S. consumer data “covering over 250 million individuals”; a database of voter registration data containing information on 100 million U.S. citizens; a database of criminal records; and several more.

Malware research group vx-underground said on X (formerly Twitter) that it had reviewed the entire stolen database and “can confirm that the data it contains is genuine and accurate.”

“We searched for several individuals who consented to have their information requested,” the group wrote, adding that they were able to find those individuals’ information, including names, address history going back more than three decades, and Social Security numbers.

“We were also able to find her parents and closest siblings. We were able to identify someone [sic] Parents, deceased relatives, uncles, aunts and cousins,” wrote vx-underground.

TechCrunch made similar efforts to verify the authenticity of the data – with mixed results.

Contact us

Do you have more information about this or similar incidents? From a personal device, you can reach Lorenzo Franceschi-Bicchierai securely via Signal at +1 917 257 1382, Telegram, Keybase, and Wire @lorenzofb, or email. You can also reach Zulkarnain Saer Khan via Signal at +36707723819 or via X @ZulkarnainSaer. You can also contact TechCrunch via SecureDrop.

When we reviewed a smaller sample of five million records, we found tons of names and addresses that matched corresponding public records, but also some data that didn’t always make sense — such as email addresses with different names that had no obvious connection to the rest of the person’s data. Some records purported to contain information about well-known high-ranking individuals, including the personal information of a former U.S. president.

TechCrunch provided the U.S. Department of Defense, the hacker selling the data, with the names of eight people who had given their consent, in order to verify that the hacker actually had legitimate data. The hacker did not return any of the eight people’s data.

TechCrunch also contacted a hundred people whose numbers and emails were included in the sample. Only one person responded and confirmed that some of his allegedly stolen data was correct, but not all of it.

Even direct contact with the suspected source of the data theft did not yield much of a response.

Despite multiple attempts to contact the company, National Public Data has not responded, nor has its founder and CEO Salvatore Verini. After TechCrunch first contacted National Public Data last week, the company took down its web pages that included details about the databases it sells access to.

Not all data leaks claimed by hackers, especially those announced on hacker forums, turn out to be real. For this reason, TechCrunch and other cybersecurity reporters often spend a lot of time trying to verify a data leak, sometimes leading to inconclusive results.

But this alleged data breach at a data broker appears to be an exceptional case, in part because some of the data appears genuine and others have already been verified.

The proliferation and commodification of personal data in the data broker industry also makes it difficult to identify the source of data leaks. And even if this particular data breach remains unresolved, it shows once again that the data broker industry is out of control and poses real privacy problems for ordinary people.

We were not able to definitively solve the mystery of this data theft, but there was enough information to document our verification efforts. One thing is clear: as long as data brokers collect personal information, there remains a risk that the data will become public.
