Florida firm sued over theft of 2.9B personal recordswww.theregister.comBackground check biz accused of negligence

If the thieves are to be believed, the database included 2.9 billion records on all US, Canadian, and British citizens, and included their full names, addresses, and address history going back at least three decades, social security numbers, and the names of their parents, siblings, and relatives, some of whom have been dead for nearly 20 years.

It's believed that a digital thief using the handle SXUL exfiltrated the files from National Public Data and then passed it along to a criminal gang that goes by USDoD, who acted as the data broker for the stolen goods and assured would-be buyers that none of the purloined info was scraped from public sources.

Hofmann, in the August 1 lawsuit, says he received a notice from his identity-theft protection service around July 24 notifying him that his personally identifiable information (PII) had ended up on the dark web.

He claims he never provided this sensitive info to National Public Data and "believes that his PII was scraped from non-public sources by defendant."