Two background check services owned by the PeopleConnect corporation, TruthFinder, and Instant Checkmate, have reportedly been struck by a security breach incident. The hack leaked millions of customers’ databases in an underground forum from 2011 to 2019.
TruthFinder and Instant Checkmate are platforms subscribed to by other companies to conduct background checks on individuals through scraped data, court records, social media, or other sources that can help provide significant background information about a person.
A user named ‘Breached’ on a dark web hacking forum posted an alleged data leak consisting of 20.22M customers of the two background check services.
According to reports, the customers of TruthFinder and Instant Checkmate background check services who have subscribed to the platforms from 2011 to April 16, 2019, are included in the data leak posted by the ‘Breached’ threat account in the dark web.
The malicious group published two 2.9GB CSV files that contained the alleged leaked databases of the two platforms’ customers, which included 11.9M from Instant Checkmate, 8.2M from TruthFinder, 4.6K from TruthFinder International, and 98 from other sources.
The post also indicated that among the critical information in the leaked databases are customers’ full names, email addresses, phone numbers, securely encrypted passwords, and expired reset tokens passwords.
Upon threat researchers discovering this data leak issue on the dark web, PeopleConnect had immediately been contacted, to which the company responded with an urgent launch of investigations and incident disclosure to all its customers.
PeopleConnect released the notice to the customers, including full details of which data have been compromised and its scope of date. The company also clarified that the incident resulted from an accidental leak or theft of a specific list in their corporate network.
External cybersecurity services and authorities have also been notified to help with the investigations. Fortunately, there is no evidence of an active breach within the company’s network, and the previous incident had already been contained.
Nonetheless, the customers of the two affected background check services need to monitor their accounts closely and observe potential attack attempts from malicious actors. It is highly advised to report to the authorities if these circumstances occur.
