Major 'National Public Data' Leak Worse Than Expected With Passwords Stored in Plain Text

by

Earlier this month, data broker National Public Data (NPD) announced that there had been a major data breach that saw hackers obtain millions of names, email addresses, phone numbers, social security numbers, and mailing addresses stored in its database. NPD is a company that does employee background checks, aggregating public data from numerous sources and selling it.

apple security banner
NPD's security was clearly lacking to allow for the breach in the first place, but a new report from KrebsOnSecurity suggests that an NPD sister site made an even more grievous error, hosting an easily accessible plaintext archive with usernames and passwords.

RecordsCheck.net, a site affiliated with NPD that hosts much of the same information, had a "members.zip" file that was downloadable until yesterday. It had source code and plain text usernames and passwords for RecordsCheck users, including logins belonging to NPD's founder, Salvatore Verini. The logins that were made available through RecordsCheck allowed access to the same data that was available via NPD.

After being alerted by KrebsOnSecurity, RecordsCheck removed the file, and NPD is shutting down the site, according to Verini. He told the KrebsOnSecurity that the file had an "old version of the site with non-working code and passwords."

There are websites that are available to see if your information was leaked in the NPD breach, and it is advisable to lock down your credit.

The NPD leak included decades of information, including data from people who are now deceased. 137 million email addresses were leaked, as were 272 million social security numbers. A lawsuit has since been filed against NPD.

Popular Stories

top stories 2025 12 20

Top Stories: iOS 26.3 Beta, Major Apple Leaks, and More

Saturday December 20, 2025 6:00 am PST by
You'd think things would be slowing down heading into the holidays, but this week saw a whirlwind of Apple leaks and rumors while Apple started its next cycle of betas following last week's release of iOS 26.2 and related updates. This week also saw the release of a new Apple Music integration with ChatGPT, so read on below for all the details on this week's biggest stories! Top Stories i...
Read Full Article19 comments
maxresdefault

Where's the New Apple TV?

Monday December 22, 2025 11:30 am PST by
Apple hasn't updated the Apple TV 4K since 2022, and 2025 was supposed to be the year that we got a refresh. There were rumors suggesting Apple would release the new Apple TV before the end of 2025, but it looks like that's not going to happen now. Subscribe to the MacRumors YouTube channel for more videos. Bloomberg's Mark Gurman said several times across 2024 and 2025 that Apple would...
Read Full Article121 comments
iPhone Top Left Hole Punch Face ID Feature Purple

iPhone 18 Pro Features Leaked in New Report, Including Under-Screen Face ID

Tuesday December 16, 2025 8:44 am PST by
Next year's iPhone 18 Pro and iPhone 18 Pro Max will be equipped with under-screen Face ID, and the front camera will be moved to the top-left corner of the screen, according to a new report from The Information's Wayne Ma and Qianer Liu. As a result of these changes, the report said the iPhone 18 Pro models will not have a pill-shaped Dynamic Island cutout at the top of the screen....
Read Full Article60 comments
ios 18 security update

Don't Want to Upgrade to iOS 26? Here's How to Stay on iOS 18 [Update: Now Unavailable]

Friday December 19, 2025 10:37 am PST by
Since the beginning of December, Apple has been pushing iPhone users who opted to stay on iOS 18 to install iOS 26 instead. Apple started by making the iOS 18 upgrades less visible, and has now transitioned to making new iOS 18 updates unavailable on any device capable of running iOS 26. If you have an iPhone 11 or later, Apple is no longer offering new versions of iOS 18, even though there...
Read Full Article423 comments
iOS 26

iOS 26.3 Brings AirPods-Like Pairing to Third-Party Devices in EU Under DMA

Monday December 22, 2025 3:20 pm PST by
The European Commission today praised the interoperability changes that Apple is introducing in iOS 26.3, once again crediting the Digital Markets Act (DMA) with bringing "new opportunities" to European users and developers. The Digital Markets Act requires Apple to provide third-party accessories with the same capabilities and access to device features that Apple's own products get. In iOS...
Read Full Article52 comments
iPhone Chips

Apple Clings to Samsung as RAM Prices Soar

Monday December 22, 2025 6:17 am PST by
Apple is significantly increasing its reliance on Samsung for iPhone memory as component prices surge, according to The Korea Economic Daily. Apple is said to be expanding the share of iPhone memory it sources from Samsung due to rapidly rising memory prices. The shift is expected to result in Samsung supplying roughly 60% to 70% of the low-power DRAM used in the iPhone 17, compared with a...
Read Full Article64 comments
apple beta 26 lineup

Apple's 2026 and 2027 Product Roadmap: Foldable iPhone, iPhone 18 Pro, M5 Macs, and More

Tuesday December 16, 2025 4:42 pm PST by
There has been a whirlwind of rumors over the last few days, sourced from leaked internal software designed for the iPhone and the Mac, and news sites like The Information. Below, we have a quick recap of everything we've heard this week, which serves as a guide to Apple's product plans in 2026 and beyond. We've organized the info by likely release date, though there are some products that...
Read Full Article44 comments

Top Rated Comments

icanhazmac Avatar
icanhazmac
18 months ago

These companies need to be held accountable when things like this happen. They should be fined millions, and all leadership should be [S]replaced[/S] criminally charged immediately.
I made your comment better... at least in my opinion.
Score: 70 Votes (Like | Disagree)
ThailandToo Avatar
ThailandToo
18 months ago
This is why the USA needs laws for protection like the EU has…
Score: 54 Votes (Like | Disagree)
DMG35 Avatar
DMG35
18 months ago
These companies need to be held accountable when things like this happen. They should be fined millions, and all leadership should be replaced immediately.
Score: 45 Votes (Like | Disagree)
subjonas Avatar
subjonas
18 months ago
This is why I never have and never will use the internet.
Score: 33 Votes (Like | Disagree)
PhantomStar Avatar
PhantomStar
18 months ago
The DOJ should be pursuing criminal charges if not financial as well, to send a message to other data brokers on their relaxed security. In addition proper legislation needs to be enacted to prevent such mass collection without any proper protocols enforced which currently does not exist.
Score: 28 Votes (Like | Disagree)
routine_analyst Avatar
routine_analyst
18 months ago
Amazing how often our data is stolen and yet no one is ever really held accountable to the full degree of the pain it inflicts on the victims. Free ID protection (for 6 months) and "How to not have my identity stolen" classes don't cut it. The companies responsible for this should have never been able to keep any of the data to begin with. Whether it's SSN and medical data or usernames and passwords, all stolen... something's gotta replace all this and IF there's ever a breech, those responsible for storing the data need to be held accountable.
Score: 26 Votes (Like | Disagree)
Read All Comments