Some 2.7 billion records relating to people in the U.S. stolen from a data broker earlier this year have been released for free on hacking site Breach Forums, potentially exposing nearly every living American to the data breach.

The data in question was stolen from a data broker by the name of National Public Data in April and had been offered for sale on Breach Forums and on dark web sites. But now most of the same data has now been released for free.

The data is said to include names, mailing addresses, Social Security numbers and other additional details in an unencrypted format. However, Bleeping Computer reported Sunday that the free dump did not include phone numbers and email addresses, which were in the original stolen data offered for sale earlier this year.

Based in Coral Springs, Florida, National Public Data was founded in 2008 and provides services to businesses to perform background checks on prospective employees and others. The data broker obtains personal information from public and nonpublic databases, court records, state and national databases and other repositories. The data gathered by the company often includes sensitive personal information that is used as part of the background check process.

The hack in April of the company was undertaken by a criminal group known as USDoD, which originally offered the stolen data for sale for $3.5 million. Exactly how the data was stolen has never been disclosed, but National Public Data faces four class lawsuits over the breach, including one accusing the company of negligence, unjust enrichment and breaches of fiduciary duty.

Once upon a time, a breach of 2.7 billion records and their subsequent publication would have caused widespread shock, but in 2024, it’s par for the course.

“This incident is part of a larger, ongoing trend we’ve seen over the past several years,” Paul Laudanski, director of security research at cybersecurity provider Onapsis Inc., told SiliconANGLE. “The proliferation of sensitive data online has created a lucrative target for cybercriminals. As this continues to grow, there can be an anticipated rise in data breaches as attackers refine their tactics and exploit emerging vulnerabilities and security gaps.”

Laudanski noted that businesses need to remain vigilant, including conducting regular security assessments, implementing strong encryption and training employees to follow security best practices. He added that “while complete prevention is challenging due to the evolving nature of the landscape, proactive measures can be taken to significantly reduce the risk of attacks at this scale.”

Image: SiliconANGLE/Ideogram