The initial shutdown of the National Public Data (NPD) website in April 2024 seemed like a direct consequence of one of the largest data breaches in history. Operated by Jerico Pictures, the platform had been responsible for the leak of up to 2.9 billion records, a trove of highly sensitive information including names, addresses, Social Security numbers, phone numbers, and family details. The incident affected individuals across the United States, the United Kingdom, and Canada, prompting many to believe it was a long-overdue moment of accountability for a data broker that had been collecting and selling private information without consumer consent. The subsequent Chapter 11 bankruptcy filing by Jerico Pictures appeared to be the final chapter of a company brought down by its own negligence.
However, the story did not end there. National Public Data is now back online, resurrected under new ownership by a Florida-based company called Perfect Privacy LLC. According to privacy experts, the revival of the platform under a new name but with the same business model highlights the alarming lack of oversight in the data broker industry. The new site offers the same services, and most shockingly, the same leaked data from the previous breach remains searchable and accessible. This has created a “privacy nightmare,” as one expert described it, allowing cybercriminals to exploit this information for identity theft and sophisticated phishing scams.
The legal fallout from the breach continues to unfold, targeting the original owner, Jerico Pictures. A key lawsuit, Hofmann v. Jerico Pictures, Inc., was filed on August 1, 2024, in the U.S. District Court for the Southern District of Florida. The plaintiff, Christopher Hofmann, accused the company of gross negligence for its failure to protect consumer data. The lawsuit highlights that the exposed records, which included everything from SSNs to personal relationships and past addresses, were stored without any proper security measures like encryption or redaction, making them an easy target.
The ongoing legal battles are seeking more than just financial compensation; they are demanding systemic reforms. Hofmann’s lawsuit specifically asks the court to mandate strict data security practices, including annual third-party audits, the implementation of stronger encryption, and the creation of mandatory threat management controls. The goal is to force the company to adopt the security measures it failed to employ previously, creating a precedent for other data brokers. The case is one of several lawsuits that have made Jerico Pictures one of the most legally challenged data brokers in recent years.
The return of NPD under new ownership while the old data is still circulating underscores a fundamental issue: a simple change in corporate identity does not erase the pervasive risks associated with a flawed business model. It reveals a broken system where companies can simply rebrand and continue their operations after a catastrophic privacy failure. The incident serves as a stark reminder of the urgent need for comprehensive federal and international regulations to govern the data brokerage industry, ensuring that a company cannot simply evade responsibility for exposing billions of records by changing its name.
Reference:
