Not sure how we got on ss#’s but it’s my understanding that they’re not public information. The numbers that were leaked came from “national public data” a private company.
Discussion
Credit agencies use your SSN to identify you. The banks use your SSN to identify you. The IRS uses your SSN to identify you. The medical system uses your SSN to identify you. Countless other agencies use your SSN to identify you. This isn't so much a problem except that they also use it as an authentication token which is ridiculous.
To authenticate yourself over the phone, all you need to recite is:
* Name
* DOB
* SSN
* Address
* Mother's maiden name
None of this is private. From a privacy perspective, to think this is secure information is ridiculous on its face. Identity fraud is only limited by a criminal's risk tolerance and various companys' fraud prevention measures.
It’s your choice to give your ss# to private companies. Granted, if you don’t, they may refuse you service. They want the lines blurred between public and private. Mission accomplished.
It’s the authentication token part that I have a problem with. SS#’s were initially for linking you to your social security and taxes. Now it’s thrown around all Willy nilly. I also agree with thinking of it being secure is ridiculous. Privacy and security are two separate things. We put ourselves into this situation.