A new lawsuit is claiming hackers have gained access to the personal information of “billions of individuals,” including their Social Security numbers, current and past addresses and the names of siblings and parents — personal data that could allow fraudsters to infiltrate financial accounts or take out loans in their names.
The allegation arose in a lawsuit filed earlier this month by Christopher Hofmann, a California resident who claims his identity theft protection service alerted him that his personal information had been leaked to the dark web by the “nationalpublicdata.com” breach. The lawsuit was earlier reported by Bloomberg Law.
The breach allegedly occurred around April 2024, with a hacker group called USDoD exfiltrating the unencrypted personal information of billions of individuals from a company called National Public Data (NPD), a background check company, according to the lawsuit. Earlier this month, a hacker leaked a version of the stolen NPD data for free on a hacking forum, tech site Bleeping Computer reported.
Maybe it’s time to move on from using SSNs for security? We have someting similar in Sweden - “person numbers”. If I call the tax authority and ask for someone’s “person number” they will tell me. They’re not secret in any way, and thus not used as some form of authentication either.
The old social security cards had “NOT FOR IDENTIFICATION” printed on them for a reason.
This. It is so shocking that they just get used as a harder ID than actual ID. Someone didn’t get the memo. And by “someone”, I mean corporations who haven’t had real consequences in 50 years.
They were never actually meant for identification, just got pigeonholed into that role because the government couldn’t get support for a national citizen ID or the equivalent. We absolutely need something, but every republican will scream that, “it’s a way for the government to track us and limit out freedoms!” and it will be shot down.
The peak of irony considering the porn age ID verification laws and abortion bans they impose on people living in the states they control.
Because they never cared about government overreach. It was always a lie to appeal to gullible rubes.
But how exactly does it work when applying for something like a credit card or going to a doctors office and filling out a form? Because here in the US those ask for SSN
They ask for SSN because there is no other form of national ID in the US (by design). SSNs were not introduced with this use in mind in fact they were explicitly meant to not be used this way, but society has slowly twisted it into a de facto national ID.
what was meant to be used then?
To track contributions and withdrawals to the social security system. Pretty much everyone in enrolled, so pretty much everyone has an SSN.
deleted by creator
Nordics have resolved this by having the strong digital authentication. Services like banks and tele operators work as identity providers for individuals/companies.either through mobile network or app on your phone, and these is a central service that links these together.
This way third parties can safely identify you, and also it follows same OpenID/OAuth2.0/MFA principles, which are industry standards.
Having experienced both systems the Nordic ones are well thought out, streamlined and feel extremely secure.
The US system feels so absurdly predatory and intentionally insecure. It’s often slower, non-standardized, and glitchy(e.g. student loan stuff).
In general, fraud is much easier in the US which is is by design as stated elsewhere in the thread.
Doctor’s office and credit card companies don’t need your ssn. It is one of the easiest places to steal them from.
https://clark.com/show-notes/10-worst-places-give-your-social-security-number/
You don’t have to give anyone your SSN, especially for medical. There are ways to bill without SSN.