TruthFinder and Instant Checkmate Suffer Data Breach: 20 Million Customers Affected

Organization: PeopleConnect, the parent company of TruthFinder and Instant Checkmate
Exploit: Hacking, Data Breach
Industry: Background Checking Services
Sources: https://www.scmagazine.com/analysis/breach/maryland-hospital-facing-outages-after-significant-ransomware-attack

PeopleConnect, the parent company of TruthFinder and Instant Checkmate, confirmed that the two background-checking services suffered a data breach after hackers leaked a 2019 backup database containing the info of millions of customers. The leaked data, allegedly belonging to 20.22 million customers who used the services between 2011 and 2019, was exposed on a dark web forum on January 21, 2022. The information leaked includes users' email addresses, hashed passwords, first and last names, and phone numbers.

TruthFinder and Instant Checkmate are both subscription-based services that allow customers to perform background checks on other people. The sites use publicly scraped data, federal, state, and court records, criminal records, social media, and other sources to conduct background checks.

In 2020, PubRec, LLC (the owners of TruthFinder and Instant Checkmate) merged with PeopleConnect Holdings, Inc. (the owners of Classmates and Intellius), creating a massive portfolio of services specialized in finding information about people.

On January 21st, a member of the Breached hacking and data breach forum leaked the data of allegedly 20.22 million TruthFinder and Instant Checkmate customers who used the services up to April 16th, 2019.

The stolen data was shared as two 2.9 GB CSV files containing only customer information before the backup was created on April 16th, 2019.

The exposed TruthFinder and Instant Checkmate customer information includes email addresses, hashed passwords, first and last names, and phone numbers.

The data was stolen from an exposed database backup found by a forum member, according to Pompompurin, the owner of the Breached forum, who told BleepingComputer about the incident.

After BleepingComputer and Troy Hunt of Have I Been Pwned contacted PeopleConnect about the data leak earlier this week, the company immediately launched an investigation and was transparent about its intentions to disclose the incident.

PeopleConnect has confirmed that both TruthFinder and Instant Checkmate suffered a data breach and warns customers to be on the lookout for targeted phishing attacks. The company is still investigating the incident and has engaged a third-party cybersecurity firm to assist with the investigation. There is no evidence of their network being breached.

As a precaution, users can use the Have I Been Pwned service to confirm if their account information was exposed. Hunt, the service's creator, will be adding the leaked data to the service today.

TruthFinder and Instant Checkmate customers who used the services between 2011 and 2019 need to be aware that their personal information has been compromised as a result of the data breach. PeopleConnect is urging customers to be vigilant and to watch out for any targeted phishing attacks. The company is continuing to investigate the incident, and more information will be made available as it becomes known. Users can also use the Have I Been Pwned service to check if their data has been leaked.