A notorious hacker named USDoD, who is linked to the National Public Data and InfraGard breaches, has been arrested by Brazil's Polícia Federal in
The notorious hacker USDoD, who is best known for high-profile data leaks, appears to be a man from Brazil, according to investigations conducted by CrowdStrike and others.
Over the past few years, USDoD, aka EquationCorp, has leaked vast amounts of information stolen from major organizations. His targets include the FBI’s InfraGard portal, Airbus, credit reporting firm TransUnion, background checking service National Public Data (NPD), and many others.
I decided to write this post because there's no concise way to explain the nuances of what's being described as one of the largest data breaches ever. Usually, it's easy to articulate a data breach; a service people provide their information to had someone snag it through an act of unauthorised access and publish a discrete corpus of information that can be attributed back to that source. But in the case of National Public Data, we're talking about a data aggregator most people had never heard of where a "threat actor" has published various partial sets of data with no clear way to attribute it back to the source. And they're already the subject of a class action, to add yet another variable into the mix. I've been collating information related to this incident over the last couple of months, so let me talk about what's known about the incident, what data is circulating and what remains a bit of a mystery.
Billions of records detailing people's personal information may soon be dumped online after being allegedly obtained from a Florida firm that handles background checks and other requests for folks' private info.
A criminal gang that goes by the handle USDoD put the database up for sale for $3.5 million on an underworld forum in April, and rather incredibly claimed the trove included 2.9 billion records on all US, Canadian, and British citizens. It's believed one or more miscreants using the handle SXUL was responsible for the alleged exfiltration, who passed it onto USDoD, which is acting as a broker.
