When you purchase through links on our site, we may earn an affiliate commission. Here’s how it works.

Microsoft posts guide on National Public Data breach that leaked SSNs, house addresses, more

Microsoft Defender logo

Earlier today, we shared an update on Defender definitions regarding Windows installation images. While doing that, Neowin also noticed that Microsoft had posted a link to a new support page it put up about the National Public Data (NPD) breach that came to light recently.

It was a large-scale breach as a result of a cyber-attack by USDoD, a cybercriminal group, and affects well over 150 million people and close to 3 million records of personal sensitive data like social security numbers (SSNs), house addresses, names, and more have leaked.

The U.S. Committee on Oversight and Accountability confirmed it is investigating the matter to better understand how and why it happened.

For those not familiar with it, NPD gathers information from public records, national and state databases, and court documents, including some nonpublic sources. This private data is then sold to various organizations, such as background check websites, investigators, app developers, and data resellers.

In its support document, Microsoft explains what happened:

In early 2024, National Public Data, an online background check and fraud prevention service, experienced a significant data breach. Over 2.7 billion records with highly sensitive personal data of nearly 170 million people were exposed.

According to National Public Data, a malicious actor gained access to their systems in December 2023 and leaked sensitive data onto the dark web from April 2024 to the summer of 2024. This data contained the following details:

  • Full names
  • Social Security Numbers
  • Mailing addresses
  • Email addresses
  • Phone numbers

As such, the Redmond giant has put up a list of recommended actions that users can undertake to reduce risk exposure:

Based on the type of information exposed, consumers should consider the following steps to reduce risks. Unless you know exactly what was exposed, you should assume all of the personal data types listed were exposed. As such, we recommend taking the following actions:

You may find more details in the support article here on Microsoft's official website.

Report a problem with article
razer karia x
Next Article

Get the Razer Kaira X PC and Xbox wired headset for its lowest price ever at $35.99

The Microsoft and Microsoft Defender logos over a black background
Previous Article

Microsoft updates Defender for Windows 11/10 install images, patches ransomware, and more

Join the conversation!

Login or Sign Up to read and post a comment.

11 Comments - Add comment