Following the recently widely published news that almost every Social Security Number in the US has been compromised, cyber security expert, Guy Golan, CEO and founder of global cyber security firm Performanta.
Schubert Jonckheer & Kolbe is a firm of class action lawyers specialised in investigating and prosecuting consumer and financial fraud. The firm recently released information that it is conducting an investigation into a data breach impacting the private information of 2.9 billion records stored by Jerico Pictures, Inc., which operates as National Public Data (“NPD”), a Florida-based background-check company.
According to the law firm, in approximately April 2024, a cyber criminal group called “USDod” reportedly breached NPD’s systems and stole private information on Americans collected by the company. On April 8, 2024, USDoD claimed on the dark web that they had stolen the personal data of 2.9 billion people and offered to sell the database for a payment of $3.5 million.
Schubert Jonckheer & Kolbe also states that according to vx-underground, which collects information about cyber security issues, the stolen file includes 277.1 gigabytes of data, including names, address histories, relatives, and Social Security numbers dating back at least three decades.
Guy Golan, CEO of Performanta, has over 20 years cyber experience, and began his career in national intelligence. Here he comments on the seriousness of what has happened and suggests that the social security number system should be put out to pasture to be replaced with a more technologically advanced strategy.
“This isn’t anything new.” States Golan. “Granted, we haven’t seen a breach of social security numbers on this scale before but it happens all day, every day in smaller chunks. It’s likely that every social security number has been leaked on the dark web multiple times over, long before this most recent attack.”
“The idea that you can’t give out your social security number because it’s ‘your biggest secret’ just doesn’t exist anymore. But importantly, the world hasn’t collapsed. The right controls are in place to ensure attacks like this don’t cause mass chaos. It just brings awareness to the fact that having social security numbers is an outdated concept. We now live in an age of two-factor authentication and biometrics. It may well be that the government needs to reconsider the whole concept of social security numbers in light of the technology we now have to defend against attacks and protect the security of its citizens.”
“What is essential to understand is that cyber security is not the responsibility of the individual. Following basic guidance is useful, but it is the duty of corporates and governments to defend its citizens. Make no mistake: these are attacks. Just because they lack physicality doesn’t make them any less real and they’ll only become more dangerous to society and to the economy. It’s time to take a cyber safety approach, pushing past mere compliance and tick-boxing exercises and treat the threat with the severity it requires,” concludes Golan.
