Around four months after a hacking group claimed to have stolen sensitive personal data from a major data broker, a member of the group has reportedly released most of it for free on an online marketplace.

The breach, which includes Social Security numbers and other sensitive information, poses significant risks for identity theft and fraud, according to Teresa Murray, a consumer watchdog director.

The group, USDoD, had previously claimed to have stolen records of 2.9 billion people from National Public Data.

Last week, a group member offered the “full NPD database,” containing 2.7 billion records with names, addresses, birth dates, and Social Security numbers.

While some key details like email addresses and driver’s license photos were missing, the leaked data still poses serious risks, as it can be used to take over accounts and commit fraud, the Los Angeles Times has reported.

National Public Data has not formally notified affected individuals but claims to have purged its database in response to the breach.

Written by B.C. Begley