No matter how careful you are online, personal information can still fall into the hands of hackers.

As reported by Bloomberg, news of this massive new data breach came to light as part of a class action lawsuit filed earlier this month. According to the complaint filed in the U.S. District Court for the Southern District of Florida, the leaked personal data belongs to a public records data provider called National Public Data, which specializes in background checks and fraud prevention.

Personal data for 2.9 billion individuals, including full names, 30-year-old addresses, and Social Security numbers, was stolen from National Public Data by a cybercrime group named USDoD. According to the complaint, the hackers then attempted to sell this vast collection of personal data on the dark web for $3.5 million. Due to the sheer number of people affected, it is worth noting that this data was likely provided both from the United States and from other countries around the world.

Here is everything we know so far about this massive data breach, as well as some of the measures you can take to stay safe if your personal information is compromised online.

So how do companies like National Public Data get the personal information of nearly 3 billion people? The answer is through scraping. Scraping is a technique that companies use to collect data online from websites and other sources.

What makes National Public Data's practices more problematic is that the company has scraped billions of personally identifiable information (PII) from undisclosed sources. As a result, many of those currently involved in class action lawsuits did not willingly provide their data to the company.

According to the complaint, one of the plaintiffs, a California resident, first learned of the breach because she was using one of the best identity theft protection services and was informed by that service that her data had been leaked to the dark web.

As part of the class action lawsuit, this plaintiff is asking the court to require National Public Data to securely destroy all personal information obtained through scraping. However, he also wants the company to compensate him and other victims financially while implementing stricter security measures in the future.

Once the full name, address, and social security number are in hand, there are many things hackers can do with this information.

We have yet to hear anything from National Public Data, but the company will probably have to issue a data breach notice soon, given the mess it has gotten itself into by scraping data from non-public sources. Such data breach notices will probably arrive in the mail, so keep an eye on your mailbox for the time being.

Typically, in the event of a data breach of this magnitude, the responsible company will provide either identity theft protection or credit monitoring free of charge for up to two years. This is because hackers often use this type of data to launch targeted phishing attacks. At the same time, bank accounts and other financial accounts should be closely monitored for fraudulent or suspicious activity.

This probably won't be the last news story, as this is about the same size data breach as Yahoo's 2013 incident in which 3 billion people's data was leaked online. Tom's Guide has reached out to National Public Data for more information on this story and will update this article if we hear back from them.