After the size and severity of personal information data breaches in 2025, the old rules no longer apply. It is simply not enough anymore to have good passwords and to employ LifeLock, Identity Guard, or another similar service, to avoid identity theft.

The following are just three of the more recent personal information data breaches, illustrating the size and scale of stolen personal information that likely lives on the dark web. We believe these recent events should inform us all that we are potentially more vulnerable to identity theft and/or fraud than we may think.

1. National Public Data – Nearly 3 billion individuals affected
   In August 2025, a massive breach atNational Public Data (NPD), a major background check firm, exposed information for 2.9 billion people.Data included full names, Social Security numbers, physical addresses, dates of birth, and phone numbers. The incident, linked to hacking group USDoD, is reportedly the largest recorded personal information theft, likely affecting most U.S. citizens and many worldwide.
2. Multiple platforms – 16 billion passwords exposed
   In June 2025, 16 billion login credentials were collected by infostealer malware in the largest credential leak ever.Data spanned dozens of platforms (Facebook, Google, Apple, GitHub, Telegram), including usernames, passwords, authentication tokens, cookies, and metadata.
3. TransUnion Data Breach- Over 4 million Americans affected
   In July 2025, TransUnion reported a breach affecting 4.4 million Americans with exposed data including names, dates of birth, Social Security numbers, billing addresses, phone numbers, and email addresses.

What can you do?

• Consider placing a credit freeze or fraud alert with all three major bureaus (Equifax, Experian, TransUnion).
• Even if you are nowhere near retirement, we recommend creating an gov account to ensure no one is attempting to use your social security number.
• Regularly monitor your financial accounts and credit reports for any suspicious activity or unauthorized changes.
• Use strong, unique passwords for each online account, and avoid using the same password elsewhere.
• Enable two-factor authentication (2FA) wherever available, especially for financial, email, and social media accounts.
• Safeguard physical documents containing personal information in a secure location and shred any unneeded paperwork.

By combining these vigilant, proactive measures, we can significantly reduce the likelihood of identity theft and prevent our personal information from being used against us.

*The information presented represent only the opinions and viewpoints of Opal Advisors and is for general educational purposes only.  This content should not be construed as legal, tax, or financial advice and we do not guarantee that the following suggestions will result in any particular outcome.