Major 'National Public Data' Leak Worse Than Expected With Passwords Stored in Plain Text

by

Earlier this month, data broker National Public Data (NPD) announced that there had been a major data breach that saw hackers obtain millions of names, email addresses, phone numbers, social security numbers, and mailing addresses stored in its database. NPD is a company that does employee background checks, aggregating public data from numerous sources and selling it.

apple security banner
NPD's security was clearly lacking to allow for the breach in the first place, but a new report from KrebsOnSecurity suggests that an NPD sister site made an even more grievous error, hosting an easily accessible plaintext archive with usernames and passwords.

RecordsCheck.net, a site affiliated with NPD that hosts much of the same information, had a "members.zip" file that was downloadable until yesterday. It had source code and plain text usernames and passwords for RecordsCheck users, including logins belonging to NPD's founder, Salvatore Verini. The logins that were made available through RecordsCheck allowed access to the same data that was available via NPD.

After being alerted by KrebsOnSecurity, RecordsCheck removed the file, and NPD is shutting down the site, according to Verini. He told the KrebsOnSecurity that the file had an "old version of the site with non-working code and passwords."

There are websites that are available to see if your information was leaked in the NPD breach, and it is advisable to lock down your credit.

The NPD leak included decades of information, including data from people who are now deceased. 137 million email addresses were leaked, as were 272 million social security numbers. A lawsuit has since been filed against NPD.

Popular Stories

iCloud General Feature Redux

iPhone Users Who Pay for iCloud Storage Receive a New Perk

Thursday March 20, 2025 12:01 am PDT by
If you pay for iCloud storage on your iPhone, Apple has a new perk for you, at no additional cost. The new perk is the ability to create invitations in the Apple Invites app for the iPhone, which launched in the App Store last month. In the Apple Invites app, iCloud+ subscribers can create invitations for any occasion, such as birthday parties, graduations, baby showers, and more. Anyone ...
Read Full Article28 comments
apple wallet drivers license feature iPhone 15 pro teal 1

Apple Says iPhone Driver's Licenses Coming to These 8 U.S. States, But Rollout Remains Slow

Wednesday March 19, 2025 6:55 am PDT by
In select U.S. states, residents can add their driver's license or state ID to the Wallet app on the iPhone and Apple Watch, providing a convenient and contactless way to display proof of identity or age at select airports and businesses, and in select apps. Unfortunately, this feature continues to roll out very slowly. It has been three and a half years since Apple first announced the...
Read Full Article63 comments
Generic iOS 19 Feature Mock

iOS 19 Coming in June With These New Features

Thursday March 20, 2025 2:04 pm PDT by
While the first iOS 19 beta is still more than two months away, there are already plenty of rumors about the upcoming software update. Below, we recap the key iOS 19 rumors so far. visionOS-Like Design In January, the YouTube channel Front Page Tech revealed a redesigned Camera app that is allegedly planned for iOS 19. According to Front Page Tech host Jon Prosser, the Camera app...
Read Full Article42 comments
Windows Vista

Apple Might Be Having Its Windows Vista Moment, Says Analyst

Thursday March 20, 2025 6:52 am PDT by
Is Apple experiencing a "Vista-like drift into systemically poor execution?" That was a question posed by well-known technology analyst Benedict Evans, in a recent blog post covering Apple's innovation and execution, or seemingly lack thereof as of late. He is referring to Microsoft's Windows Vista operating system, which was widely criticized when it launched in 2007 due to software bugs,...
Read Full Article169 comments
iPhone 17 Air Fanned Feature

First iPhone 17 Air Case Has Camera Bar, Camera Control Button Cutouts

Wednesday March 19, 2025 5:29 am PDT by
Serial leaker Sonny Dickson today shared an image of what he claims is a first look at a third-party case for Apple's iPhone 17 Air. "If you didn’t know an Air was coming, you'd swear it was a Google Pixel case," he said. Case manufacturers often obtain design specifications of upcoming iPhone models before their release by collaborating with Apple through official partnerships or...
Read Full Article45 comments
iPhone 17 Pro Render Front Page Tech

Latest iPhone 17 Pro Dummies Highlight Apple's New Part-Glass Design

Thursday March 20, 2025 5:27 am PDT by
Seasoned leaker Sonny Dickson has shared more dummy models of Apple's upcoming iPhone 17 series, with the latest lot revealing a noticeable shift in Apple's iPhone Pro model design that goes beyond the much-talked-about new rear camera bar. Dickson points out that the iPhone 17 Pro dummy models feature an outlined area on the back, beginning just below the camera module and extending to the...
Read Full Article122 comments
iphone 16 pro ghost hand

Next Year's iPhone 18 Pro Already Rumored to Have Five New Features

Tuesday March 18, 2025 1:00 pm PDT by
While the iPhone 18 Pro models are still around a year and a half away from launching, there are already some early rumors about the devices. Below, we recap some key iPhone 18 Pro rumors so far. Under-Screen Face ID In April 2023, display industry analyst Ross Young shared a roadmap showing that iPhone 17 Pro models would feature under-display Face ID. In May 2024, however, Young said ...
Read Full Article78 comments
Generic iOS 19 Feature Mock

iOS 19 and iOS 20 Must Include a Long List of Major Changes, EU Says

Wednesday March 19, 2025 10:26 am PDT by
The European Commission today announced a long list of changes that Apple is legally required to implement in future iOS 19 and iOS 20 updates. The announcement clarifies interoperability requirements that Apple is required to adhere to in the EU, under the Digital Markets Act, which has been fully enforced since March 2024. The changes will further open up the iPhone and its technologies to ...
Read Full Article390 comments
airpods pro 2 gradient

AirPods Pro 3 Launch Now Just Months Away: Here's What We Know

Tuesday March 18, 2025 9:13 am PDT by
Despite being released over two years ago, Apple's AirPods Pro 2 continue to dominate the wireless earbud market. However, with the AirPods Pro 3 expected to launch in 2025, anyone thinking of buying Apple's premium earbuds may be wondering if the next generation is worth holding out for. Apart from their audio and noise-canceling performance, which are generally regarded as excellent for...
Read Full Article50 comments

Top Rated Comments

icanhazmac Avatar
icanhazmac
8 months ago

These companies need to be held accountable when things like this happen. They should be fined millions, and all leadership should be [S]replaced[/S] criminally charged immediately.
I made your comment better... at least in my opinion.
Score: 70 Votes (Like | Disagree)
ThailandToo Avatar
ThailandToo
8 months ago
This is why the USA needs laws for protection like the EU has…
Score: 54 Votes (Like | Disagree)
DMG35 Avatar
DMG35
8 months ago
These companies need to be held accountable when things like this happen. They should be fined millions, and all leadership should be replaced immediately.
Score: 45 Votes (Like | Disagree)
subjonas Avatar
subjonas
8 months ago
This is why I never have and never will use the internet.
Score: 33 Votes (Like | Disagree)
PhantomStar Avatar
PhantomStar
8 months ago
The DOJ should be pursuing criminal charges if not financial as well, to send a message to other data brokers on their relaxed security. In addition proper legislation needs to be enacted to prevent such mass collection without any proper protocols enforced which currently does not exist.
Score: 28 Votes (Like | Disagree)
mcfrazieriv Avatar
mcfrazieriv
8 months ago
Amazing how often our data is stolen and yet no one is ever really held accountable to the full degree of the pain it inflicts on the victims. Free ID protection (for 6 months) and "How to not have my identity stolen" classes don't cut it. The companies responsible for this should have never been able to keep any of the data to begin with. Whether it's SSN and medical data or usernames and passwords, all stolen... something's gotta replace all this and IF there's ever a breech, those responsible for storing the data need to be held accountable.
Score: 26 Votes (Like | Disagree)
Read All Comments