Last night, DataBreaches received an alert from Experian Identity Works that my Social Security number had shown up in its dark web surveillance.
There were three entries where it had shown up last week. All three related to the massive National Public Data breach and leak.
But looking at the three entries, I noted that two of them were accurate in terms of the information. A third, however, showed a person with the same name as mine, but a different address that had never been mine, a phone number that had never been mine, and the last four digits of my SSN.
I contacted Equifax to see what they would show. Their search of my SSN found only my own accurate information. When I asked them to search for the other party’s address and phone number with the same name, Equifax informed me that that person had no credit report with them at all.
I subsequently sent an email to Experian Support to see what they will tell me or do, but I also emailed National Public Data a “Request to OPT OUT” this morning:
To Whom It May Concern:
National Public Data has entries on me that erroneously merge MY identity information with the identity information of another person with the same name. This is obviously problematic.
Please promptly REMOVE the entry for “[name redacted”] at [address, city, state redacted] that shows SSN ending in [redacted]. That person does NOT have my SSN.
I do not know what DOB you show for that person, but the whole entry needs to be removed.
Also, because you have now put me at risk of ID theft and fraud by a data breach that gives criminals fraudulent info on me, please immediately remove the two entries for “[name redacted]” in “[city, state redacted]” with SSN ending “[redacted].”
If you fail to do so and I suffer any fraud, I will be holding NPD accountable and liable.
So yes, I demanded they remove the entry for the person who had my SSN with their information, and also the two entries about me that were accurate but I wanted to opt-out.
Within hours, NPD responded:
Hello,
Thank you for contacting us. We have received your communication.
We have removed the entire database from our system. We may be required to retain certain records to comply with legal obligations; we will retain your request and our response for our records. Please note that while we are unable to edit or remove third-party data about you, including in public records, we will not sell your personal information through our services.
If you had other requests or questions, response times may be delayed.
Sincerely,
National Public Data
So… they responded more quickly than I imagined. Their site does not indicate that they are offering any mitigation services to all those affected who had their SSN exposed and I still have no idea where the incorrect information about me originated or how to get rid of it, but at least NPD is no longer selling my information. But of course, the data are already out there. I have security freezes already in place to help protect myself from identity theft in situations that require a credit report check. If you do not have security freezes or alerts in place, you may want to consider them for yourself.
If you would like information on how to OPT-OUT of NPD, see their page at https://nationalpublicdata.com/optout.html and send an email with the subject line, “Request to OPT-OUT” to Sales@NationalPublicData[.]com
This post originally appeared at the sister site, DataBreaches.net.