Skip to Content
background check data breach
© Andrey Popov |
Security & privacy

Ever run a background check? 20 mil Truth Finder and Instant Checkmate accounts leaked

Have you ever done a background check on yourself or someone else? It’s a good way for employers to determine if a potential worker is trustworthy. Some people even do background checks on potential dates in online dating. Tap or click here to learn how to do a free background check.

But your data might be in jeopardy if you’ve used a popular background check service. A data breach exposed information from over 20 million users of a couple of the most popular services.

Keep reading for details on the breach and ways to protect your data.

Popular background check companies suffer data breach

TruthFinder and Instant Checkmate are websites that offer background check services to their subscribers. They gather information from various publicly accessible sources, including court records, criminal records, social media and others to provide detailed background reports on individuals.

The two companies merged with PeopleConnect Holdings in 2020. Recently, a hacking collective claimed to have stolen a TruthFinder and Instant Checkmate user database and shared it for free on criminal forums.

The database contains the details of over 20 million users who used the services from 2011 to 2019. Leaked data includes names, email addresses, phone numbers and hashed passwords.

Soon after the hacker shared the details, parent company PeopleConnect acknowledged the breach. “We have confirmed that the list was created several years ago and appears to include all customer accounts created between 2011 and 2019. The published list originated inside our company,” the company explains.

What to do after a massive data breach

Users of the background check services during the dates in question should be careful about any emails that might seem suspicious. The company stresses that TruthFinder and Instant Checkmate will never ask for your password, Social Security number or payment information over email or phone. If that happens, it is probably a scammer.

When there is a massive data breach like this, there are safety precautions you should take.

Steps to take following a data breach.

  • Beware of phishing emails hitting your inbox. Scammers piggyback on breaches by sending malicious emails to trick you into clicking their links that supposedly have important information. Look out for strange URLs, return addresses and spelling/grammar errors.
  • Keep an eye on your banking statements for any unusual transactions. If you see anything strange, notify your bank immediately.
  • Enable two-factor authentication (2FA) for all your online accounts that offer it. This will make it more difficult for hackers to access your accounts. 
  • Create strong, original passwords for all your accounts and don’t reuse any. Can’t keep track of all your unique passwords? Just use a password manager. Tap or click here to get started.
  • Always have a trusted antivirus program updated and running on all your devices. We recommend our sponsor, TotalAV. Get an annual plan with TotalAV for only $19 at That’s over 85% off the regular price!

To see if your details are part of a data breach, Have I Been Pwned is an excellent resource. Enter your email address, and the website lets you know how many and which breaches your email address was in. Tap or click here for more details on how the site works.

Keep reading

Genealogy site data breach: See if your info was leaked

Twitter data breach: Personal details of 5.4M users leaked

Refer friends, earn rewards

Share your source of digital lifestyle news, tips and advice with friends and family, and you'll be on your way to earning awesome rewards!

Get started