Get all your news in one place.
100’s of premium titles.
One app.
Start reading
Tom’s Guide
Tom’s Guide
Technology
Scott Younker

Hacker behind 2.9-billion person data breach caught — what you can do to stay safe

A hacker typing quickly on a keyboard.

Back in August of this year, it was revealed that a hacker going by the screenname USDoD was behind a massive data breach at the public records data provider, National Public Data. That data breach exposed the personal info of over 2.9 billion people including Social Security numbers (SSNs), addresses and full names going back over 30 years. 

Today, Brazil's Policia Federal (PF) announced that they have arrested USDoD in Belo Horizonte/MG, Brazil. The arrest was part of an effort by the PF to investigate data breaches within Brazil and internationally.

"The Federal Police launched Operation Data Breach on Wednesday (16/10), with the aim of investigating invasions of the systems of the Federal Police and other international institutions," reads a press release posted by the PF. 

"A search and seizure warrant and a preventive arrest warrant were served in the city of Belo Horizonte/MG against an investigated person suspected of being responsible for two publications selling Federal Police data, on May 22, 2020 and on February 22, 2022."

The National Public Data breach became known after a class action lawsuit was filed in Florida. USDod apparently tried, or possibly did, sell the data on the dark web with one purported screenshot showing they were seeking $3.5 million. 

The Federal Police launched Operation Data Breach on Wednesday (16/10), with the aim of investigating invasions of the systems of the Federal Police and other international institutions.

Brazil's Policia Federal

Strangely, as pointed out by Bleeping Computer, USDoD's identity was allegedly revealed in August by the Portuguese site Techmundo, who received an anonymous report that had been created by the cybersecurity firm, Crowdstrike. That report revealed that USDoD is a 33-year-old man named Luan BG living in Brazil.

If the name CrowdStrike is familiar, you'll recognize the name from the global outage that occurred when the company released an update to their system that ended up crashing business and government computers around the world.

Luan seemed to confirm that the report was true in an interview with HackRead.

"So congrats to Crowdstrike for doxing me, they are late for the party, intel421 Plus and a few other companies already doxed me even before the Infragard hack," he told HackRead.

In his statement, Luan even invites authorities to arrest him, claiming that he can "do much for the country." It seems clear the PF was probably aided by the Crowdstrike report and this interview.

"The prisoner boasted of being responsible for several cyber invasions carried out in some countries, claiming, on websites, to have disclosed sensitive data of 80,000 members of InfraGard, a partnership between the Federal Bureau Investigation - FBI and private critical infrastructure entities in the United States of America," they wrote in the press release.

They added that they are investigating if Luan (USDoD) is responsible for any other data breaches.

How to stay after a data breach

This isn't even the largest data breach this year, but there are ways to check if your personal or financial is floating around the internet. 

Cybernews created a data leak checker after the huge leak in January and there is always the popular data leak site HaveIBeenPwned, which also allows you to search for exposed information like your email address online.

The best antivirus software can help keep you safe from malware and other attacks, but for the best protection, it should be used in combination with the best identity theft protection services as they can help you recover from identity theft or money lost due to fraud.

Since so much sensitive personal and financial data is out there, you'll want to be careful checking your emails and your messages as hackers often use phishing attacks as a means to infect your smartphone or computer with malware or to trick you into giving up your own data. At the same time, you want to carefully monitor your bank and other financial accounts for signs of suspicious activity. 

The fallout from this breach is ongoing and with a data breach of this size, it will be some time before we know the full extent of the damage it has caused.

More from Tom's Guide

Sign up to read this article
Read news from 100’s of titles, curated specifically for you.
Already a member? Sign in here
Related Stories
Top stories on inkl right now
One subscription that gives you access to news from hundreds of sites
Already a member? Sign in here
Our Picks
Fourteen days free
Download the app
One app. One membership.
100+ trusted global sources.