Social Security number leaked? Chances are, a criminal is already trying to use it
Data violations that expose personal information for millions of people may have very real consequences for individuals, in particular: identity theft.
A new study has revealed that the more easily accessible to an individual’s personal information on the dark canvas, the more likely it is that this person will be a target for criminals.
The ratings soar if the information includes the person’s social security number, which is generally necessary for financial requests such as the opening of a bank account, the request for a credit card or to produce income declarations, which are all common objectives for fraudsters.
The conclusions, published Monday by Sentinki, a company that monitors customer data for fraud on behalf of financial companies, are intuitive. But they are considered the first of its kind showing a clear correlation between the robust cybercriminal trade in people’s identities and real attempts where criminals try to commit fraud against these victims.
David Maimon, head of Fraud Insight in Sentinkine, told NBC News that he had conducted the study by comparing three sets of data from people whose information is available online.
For a reference list of people whose names and addresses were available online, it used the recording files of voters accessible to the public. For a set of people whose names and addresses – but not social security numbers – have been largely negotiated between criminals, he removed the names of checks stolen from a ring of fraud thieves by check that operated on Telegram.
For a list of people whose names, addresses and social security numbers have all been largely negotiated between cybercriminals, he downloaded a database of around 100,000 victims, paved together from various hacks and has been exchanged several times on the Dark Web since 2021.
Maimon then compared more than 2,000 people in these data sets with the internal recordings of Sentinki on the attempt to identify identity to see how often each of these people had been targeted.
The results were spectacular. Only 2.1% of people in voter registration forms had been targeted by identity thieves. Among those whose names were found in the stolen control ring, 12.1% had been targeted. But almost all people in the 2021 database with social security numbers – 97% – had been victims of attempted identity theft, revealed Maimon.
Data violations have become increasingly common, to the point where information from most Americans has been stolen on several occasions. The American Federal Commerce Commission received 1.1 million identity theft claims in 2024, although this was considered a serious sub-accountability of the total number of victims.
Even children often have their stolen social security number, and credit supervision services rarely help victims. According to statistics provided to NBC News by the non -profit identity flight resource center, there were 1,857 new data violations in 2024 which included the Social Security numbers of the Americans.
Although social security numbers are systematically hacked, it is often impossible for a victim to know how much their information has been shared – a key element of the conclusions of Sentink. Not all violations are equal and cybercriminals often do not sell hacked data only to the most offering to keep it more exclusive.
When a person’s information becomes largely reconditioned and exchanged several times between criminals, it is targeted by thieves several times for a longer period, said Maimon.
The best course of action, said Maimon, is that people freeze their credit notes with the three main credit agencies and to monitor their chexSystems consumption score to see if someone opened bank accounts on their behalf.
