Hackers claimed to have stolen more than 2 billion records containing sensitive information including Social Security numbers, with some data reportedly leaked online.
Isn’t it the address being leaked with it that makes this notable?
You can’t add a number to a SSN and also add a number to the street address to then narrow down which full names are associated with that SSN to then possibly be able to use it.
The address does make it a lot more useful, but the point that I am making is simply that the number itself has never been secure, and this kinda failure was inevitable due to only needing slightly more info than the number itself. A number which itself is already partially identifying.
We shouldn’t use social security numbers like we do.
First 3 digits are the area number assigned to a geographic. Next 2 are a group number and are not used serially but have a rather unusual usage sequence. The last 4 are a serial number assigned in order.
Take your social security number. Change the last number by one. Congrats, you have stolen someones number.
It isn’t secure or random in any way. Infact, by doing the above you will have the number of a person born probably in the same hospital as you.
Isn’t it the address being leaked with it that makes this notable?
You can’t add a number to a SSN and also add a number to the street address to then narrow down which full names are associated with that SSN to then possibly be able to use it.
I didn’t think the number had any use on its own
The address does make it a lot more useful, but the point that I am making is simply that the number itself has never been secure, and this kinda failure was inevitable due to only needing slightly more info than the number itself. A number which itself is already partially identifying.
We shouldn’t use social security numbers like we do.
I mean it says right on the fucking card not to .
But some institutions insist.
Sure it shouldn’t be used like this. But incrementing a number isn’t enough to steal someone’s identity.
Is usa numbering just incremental? Canadian ones use a checksum type setup to determine if it is a valid SIN
There’s some brackets based on area and similar https://www.ssa.gov/history/ssn/geocard.html
First 3 digits are the area number assigned to a geographic. Next 2 are a group number and are not used serially but have a rather unusual usage sequence. The last 4 are a serial number assigned in order.
That’s not true anymore. My kids have very different SSNs.
Are your kids twins?
No, but born in the same city. They don’t have a common prefix or anything like that.