Major 'National Public Data' Leak Worse Than Expected With Passwords Stored in Plain Text

by

Earlier this month, data broker National Public Data (NPD) announced that there had been a major data breach that saw hackers obtain millions of names, email addresses, phone numbers, social security numbers, and mailing addresses stored in its database. NPD is a company that does employee background checks, aggregating public data from numerous sources and selling it.

apple security banner
NPD's security was clearly lacking to allow for the breach in the first place, but a new report from KrebsOnSecurity suggests that an NPD sister site made an even more grievous error, hosting an easily accessible plaintext archive with usernames and passwords.

RecordsCheck.net, a site affiliated with NPD that hosts much of the same information, had a "members.zip" file that was downloadable until yesterday. It had source code and plain text usernames and passwords for RecordsCheck users, including logins belonging to NPD's founder, Salvatore Verini. The logins that were made available through RecordsCheck allowed access to the same data that was available via NPD.

After being alerted by KrebsOnSecurity, RecordsCheck removed the file, and NPD is shutting down the site, according to Verini. He told the KrebsOnSecurity that the file had an "old version of the site with non-working code and passwords."

There are websites that are available to see if your information was leaked in the NPD breach, and it is advisable to lock down your credit.

The NPD leak included decades of information, including data from people who are now deceased. 137 million email addresses were leaked, as were 272 million social security numbers. A lawsuit has since been filed against NPD.

Popular Stories

iOS 26 on iPhone Feature

Here's When iOS 26 Rolls Out Today in Every Time Zone [Update: Out Now!]

Monday September 15, 2025 12:00 am PDT by
Update 10:06 a.m.: iOS 26 is rolling out now, though it may take a bit for all users to see it, so keep checking! Today's the day! Apple is about to release iOS 26, which will deliver the biggest redesign since iOS 7 and bring a range of new features and improvements to iPhones worldwide. It's Apple's biggest software update of the year, and Apple announced at last week's iPhone event that...
Read Full Article95 comments
iOS 26 Battery Glass Feature

Apple Says Installing iOS 26 Might Impact Battery Life

Monday September 15, 2025 10:56 am PDT by
In the iOS 26 release notes, Apple is warning iPhone users that installing the new software might have a temporary impact on battery life, which is normal. A new support document explains that major iOS updates require background setup like indexing data and files for search, downloading new assets, and updating apps. Further, Apple says that new features could require more resources,...
Read Full Article120 comments
Tim Cook Rainbow

Apple Reportedly Plans to Launch These 10 Products in 'Coming Months'

Sunday September 14, 2025 8:45 am PDT by
Apple's annual September event is now in the rearview mirror, with the iPhone 17, iPhone 17 Pro, iPhone 17 Pro Max, iPhone Air, Apple Watch Series 11, Apple Watch Ultra 3, Apple Watch SE 3, and AirPods Pro 3 set to launch this Friday, September 19. As always, there is more to come. In his Power On newsletter today, Bloomberg's Mark Gurman said Apple plans to release many products in the...
Read Full Article83 comments
AirPods Pro Firmware Feature

AirPods Pro 2 and AirPods 4 Get iOS 26 Features With New Firmware Update

Monday September 15, 2025 10:50 am PDT by
Apple today released updated firmware for the AirPods Pro 2 and the AirPods 4, introducing support for the new AirPods features that are included in iOS 26, iPadOS 26, and macOS Tahoe. The firmware has a build number of 8A356, and it replaces the current 7E93 firmware. With Apple's new software updates, the AirPods Pro 2 and the AirPods 4 support better audio quality for phone calls and...
Read Full Article67 comments
iphone 17 lineup

iPhone 17 Models Launch on September 19 With These New Features

Friday September 12, 2025 7:58 am PDT by
Apple will launch its new iPhone 17 lineup and ultra-thin iPhone Air in stores on Friday, September 19, and the company has already shown off the new devices at its fall event, which ran with the the tagline "Awe dropping." The iPhone 17 series brings a host of new features and enhancements. Here's a rundown of the biggest upgrades and changes: iPhone 17 Display Changes The iPhone...
Read Full Article17 comments
iOS 26 Feature

iOS 26 Available Now With These 8 New Features

Monday September 15, 2025 5:45 am PDT by
Following three months of beta testing, iOS 26 was released today, September 15. The update is compatible with the iPhone 11 series and newer, and it is available to install via the Settings app, under General → Software Update. Below, we have highlighted eight new features included in iOS 26. Even more new features and changes are outlined in Apple's release notes for the update. Some of ...
Read Full Article145 comments
iPhone 17 Pro Air Boxes

iPhone Air and iPhone 17 Pro Boxes Revealed

Sunday September 14, 2025 1:36 pm PDT by
T-Mobile President Jon Freier today shared real-world photos of Apple's boxes for the iPhone Air, iPhone 17 Pro, and iPhone 17 models, which launch on Friday. Image Credit: Jon Freier Apple has typically included iPhone box renders in its product environmental reports, but it did not do so for the latest models. However, Apple's iPhone Upgrade Program page does offer some images of the boxes, ...
Read Full Article74 comments

Top Rated Comments

icanhazmac Avatar
icanhazmac
14 months ago

These companies need to be held accountable when things like this happen. They should be fined millions, and all leadership should be [S]replaced[/S] criminally charged immediately.
I made your comment better... at least in my opinion.
Score: 70 Votes (Like | Disagree)
ThailandToo Avatar
ThailandToo
14 months ago
This is why the USA needs laws for protection like the EU has…
Score: 54 Votes (Like | Disagree)
DMG35 Avatar
DMG35
14 months ago
These companies need to be held accountable when things like this happen. They should be fined millions, and all leadership should be replaced immediately.
Score: 45 Votes (Like | Disagree)
subjonas Avatar
subjonas
14 months ago
This is why I never have and never will use the internet.
Score: 33 Votes (Like | Disagree)
PhantomStar Avatar
PhantomStar
14 months ago
The DOJ should be pursuing criminal charges if not financial as well, to send a message to other data brokers on their relaxed security. In addition proper legislation needs to be enacted to prevent such mass collection without any proper protocols enforced which currently does not exist.
Score: 28 Votes (Like | Disagree)
routine_analyst Avatar
routine_analyst
14 months ago
Amazing how often our data is stolen and yet no one is ever really held accountable to the full degree of the pain it inflicts on the victims. Free ID protection (for 6 months) and "How to not have my identity stolen" classes don't cut it. The companies responsible for this should have never been able to keep any of the data to begin with. Whether it's SSN and medical data or usernames and passwords, all stolen... something's gotta replace all this and IF there's ever a breech, those responsible for storing the data need to be held accountable.
Score: 26 Votes (Like | Disagree)
Read All Comments