How Material is That Hack?
Powered by Safe Security
Jerico Pictures, Inc. d/b/a National Public Data
Data Exfiltration - company filed for Chapter 11 bankruptcy
First Reported: June 3, 2024
Last Updated: October 22, 2024
*Last Financial Year
Modeling Assumptions
with no direct interactions with the company
UPDATED MATERIALITY ASSESSMENT, October 22, 2024
Jerico Pictures, Inc., aka National Public Data, aka CriminalScreen.Com, aka RecordsCheck.Net, filed for Chapter 11 Bankruptcy in the US Bankruptcy Court, Southern District of Florida, as a small business debtor corporation on October 2, 2024.
On the filing, National Public data made the following claims
20 creditors
$33,105 in a bank account
$5,445 worth of office equipment
$675 estimated value of internet domains
total asset property value of $39,225
Other intangibles or IP
Database - People Finder/Non-regulated
Database - Bankruptcy Information
Database - Campaign Data
Database - Canadian Consumer Database
Database - Demographics
Database - FAA Airman/Airplanes
Database - Physician Profiles
Database - Vital Records (4 states only - historical)
Database - People Finder/Regulated Data
Database - Television Show-CountryDaze (6 episodes of 23 min each)
Database - USA Consumer Database
Database - Concealed Weapons Permits
Database - DEA Licenses
Database - Medicare Sanctions
Database - Marriage/Divorce Data
Database - Merchant Vessels
Database - Geocode Data
Database - Sex Offender Database
Database - Social Security Death Index
Database - OFAC Watchlist
Database - Zip Code
Misc Customized Software Applications and Procedures
Misc Customized Screen Scraping for Data Collection
Application architecture supporting deliver of primary customer facing products (of now [sic] value to anyonw but the debtor:
Database - Criminal Information (this item is titled in thename of the debtor's owner and utilized by the organization through a lease arrangement)
Creditors with NONPRIORITY Unsecured Claims -
all 50 State Attorneys General (SAG) plus
SAG - American Samoa
SAG - District of Columbia
SAG - Guam
SAG - U.S. Virgin Islands
SAG - Northern Mariana Islands
SAG - Puerto Rico
Civil claimants
Bradley / Grombacher LLP (o/b/o Charles J. Geletko)
Danile J. Rodriguez
Gross Revenue from Business
January 1, 2024 through October 2, 2024 - $431,044
Calendar Year 2023 - $1,152,726
Calendar year 2022 - $746,088
Legal Actions
YVETTE BURGEN, on behalf of herself and all others similarly situated v. Jerico Pictures, LLC
Cotton, et al v Jerico Pictures, Inc.
Plus an additional 17 class action complaints related to the data breach listed on a Continuation Sheet
Losses from Fire, theft, or other casualty within 1 year before filing this case.
$1,000,000 - Enterprise Wide Data Breach against Social Security Database (NOTE - Social Security Database is not listed as one of the databases above - only the Social Security Death Index database)
CLAIM in this filing:
Does the debtor collect and retain personally identifiable information of customers? Yes - SSN
Does the debtor have a privacy policy about this information? Yes
Note from Safe - Doubtful whether National Public Data had obtained SSN recordholders permission to use their information)
Only Salvatore Verini, Jr. is listed as a officer, director, managing member, general partner, member in control, controlling shareholder or other person in control of the debtor at the time of the filing of this case.
*****************************************************************************************************************
Company notified 1.3M record holders.
Data compromised included SSN.
BUT AN ESTIMATED 272M SSN WITHOUT LINKED EMAIL COMPROMISED - COMPANY MAY HAVE NO WAY TO NOTIFY RECORD HOLDERS.
Loss Magnitude based on 1.3M record holders notified.
No monitoring offered.
SSN may have been shared with National Public Data without SSN record holders' approval.
Publicly Available Information
Security Incident, 7/15/24
There appears to have been a data security incident that may have involved some of your personal information. The incident is believed to have involved a third-party bad actor that was trying to hack into data in late December 2023, with potential leaks of certain data in April 2024 and summer 2024. We conducted an investigation and subsequent information has come to light. The information that was suspected of being breached contained name, email address, phone number, social security number, and mailing address(es). We cooperated with law enforcement and governmental investigators and conducted a review of the potentially affected records and will try to notify you if there are further significant developments applicable to you. We have also implemented additional security measures in efforts to prevent the reoccurrence of such a breach and to protect our systems.