The site is now operating under new ownership as a free people search engine, raising fresh privacy concerns for millions of Americans.
The Original Breach
In December 2023, National Public Data – a background check and fraud prevention service owned by Jericho Pictures – suffered a catastrophic security breach. A threat actor known as “USDoD” gained access to the company’s systems and leaked sensitive data onto the dark web from April 2024 through the summer of 2024.
The breach exposed approximately 272 million Social Security numbers, representing about 60% of all historical SSNs ever issued by the IRS. The compromised data included full names, Social Security Numbers, mailing addresses, email addresses, and phone numbers.
The hacker initially attempted to sell the stolen data for $3.5 million, claiming it contained records for every person in the United States, United Kingdom, and Canada. This represented one of the most comprehensive personal data breaches in recent history.
Site Shutdown and Legal Consequences
Following the breach disclosure and a wave of lawsuits against parent company Jericho Pictures, National Public Data went offline in December 2024. The company ceased operations entirely, along with its sister site RecordCheck.net. The shutdown came amid mounting legal pressure and regulatory scrutiny over the company’s data security practices.
The Site’s Return Under New Management
National Public Data has recently reemerged under the domain nationalpublicdata.com with a completely revamped interface. The site now operates as a “free people search engine” that allows users to search for anyone’s personal details, marking a significant shift from its previous business model.
Unclear Ownership
The current operators explicitly distance themselves from the original company, stating that Jericho Pictures, the Florida-based firm that experienced the significant data breach in 2024, is no longer in control of the site. They claim to have no connection with the previous owners.
However, the new owners remain undisclosed. Domain registration records show it’s linked to “Perfect Privacy,” a name associated with a VPN service in Florida, but the actual individuals or organization behind the site’s operation have not been publicly identified.
Ongoing Privacy Concerns
The site’s return has raised significant privacy and security concerns among cybersecurity experts and consumer advocates:
Data Source Uncertainty: The new National Public Data claims to gather information from “publicly accessible” sources including government databases and social media platforms. However, the actual source of their extensive database remains uncertain, particularly given the timing of their return and the scope of data available.
Persistent Data Exposure: The site likely still contains personal information about millions of Americans from the original breach. Despite claims of new ownership, there’s no clear indication that the compromised data has been properly secured or removed from circulation.
Limited Accountability: With undisclosed ownership and claims of no connection to the original breach, there’s minimal accountability for current data handling practices. This creates a concerning precedent for how breached data can continue to circulate under new management.