Protecting Your Social Security Number: Best Practices for Enhanced Cyber Security
In one of the most alarming cyber incidents of recent times, a notorious hacking group has reportedly unleashed a staggering volume of sensitive personal data, stolen from a leading data broker, onto the dark web. This breach, which occurred roughly four months after the initial theft was claimed, has far-reaching implications, particularly due to the exposure of millions of Social Security numbers (SSNs).
The Breach: What Happened?
Earlier this year, a hacking group known as USDoD claimed to have infiltrated the databases of National Public Data (NPD), a company that provides personal information to various entities, including employers and private investigators.
The hackers alleged that they had obtained personal records of nearly 3 billion individuals worldwide. They initially offered these records for sale on a dark web forum for $3.5 million, but portions of this data have since been released for free by various individuals within the hacker community.
What Was Exposed?
The stolen data, reportedly includes extensive personal information, such as:
- Full names
- Address histories
- Relatives and associations
- Social Security numbers (SSNs) on almost all United States citizens
- Personal data dating back at least 30 years
This extensive dataset is a treasure trove for cybercriminals, particularly due to the inclusion of Social Security numbers, which are among the most sensitive pieces of information that can be stolen. The long history of data collected in this breach makes it even more dangerous, as it can be cross-referenced with other data breaches to build comprehensive profiles on individuals.
Find Out if Your Data Was Exposed
Pentester, a company that provides companies cybersecurity testing, created a free search engine where you can see if your data was exposed. As you are only inputing your name, state, and birth year, it is safe to use. It will search the NPD data breach found on the Dark Web and let you know if your information was exposed. If it was, then make sure to follow the recommendations below.
Visit the Pentester search tool at: https://npd.pentester.com/search
Why Social Security Numbers Are So Valuable
Your Social Security number is a key piece of information that opens the door to a wide range of fraudulent activities. Unlike passwords or credit card numbers, which can be changed relatively easily if compromised, Social Security numbers are permanent identifiers tied to your identity. Once they are exposed, the potential for misuse extends far into the future.
With your SSN, a criminal can:
- Open New Accounts: Using your SSN, along with your name and date of birth, a criminal can open new credit accounts in your name. These accounts can be used to make purchases or take out loans, leaving you with the bill and a damaged credit score.
- File Fraudulent Tax Returns: Fraudsters can use your SSN to file a tax return in your name and claim a refund. This can lead to significant delays in processing your legitimate tax return and can create a complex situation that requires legal and financial intervention.
- Access Medical Services: Your SSN can be used to obtain medical services or prescriptions under your identity, which can result in erroneous medical records and bills. Worse, it could lead to incorrect medical histories being created, which can have life-threatening consequences in an emergency situation.
- Commit Other Crimes: Your SSN can also be used in various other identity theft schemes, such as applying for a job under your name, which could lead to complications with the IRS or other authorities if income goes unreported.
Given these risks, it’s clear why the exposure of Social Security numbers in this breach demands immediate attention and action.
How to Protect Yourself if Your Social Security Number Was Compromised
As it's highly likely your Social Security number has been compromised in this breach, there are several critical steps you should take to protect yourself from potential identity theft and fraud.
1. Place a Fraud Alert or Credit Freeze
Immediately place a fraud alert on your credit reports with the three major credit bureaus—Experian, Equifax, and TransUnion. A fraud alert notifies potential creditors to take extra steps to verify your identity before granting credit in your name. Alternatively, you can opt for a credit freeze, which prevents anyone from opening new credit accounts in your name without your consent.
Placing a credit freeze is the most effective way to protect yourself, but it requires you to unfreeze your credit when applying for loans or new accounts. You can place a credit freeze online or by calling each bureau directly. For more information, you can visit the following official resources:
2. Monitor Your Credit Reports
Regularly monitor your credit reports for any unauthorized activity. You are entitled to a free credit report from each of the three major bureaus once per year through AnnualCreditReport.com. In light of the breach, it may be wise to stagger your requests so you can check one report every four months, allowing you to monitor your credit more frequently.
3. Sign Up for Identity Theft Protection Services
Consider enrolling in an identity theft protection service that monitors your personal information, including your Social Security number, and alerts you to suspicious activity. These services often include credit monitoring, identity restoration services, and insurance to cover certain losses due to identity theft. Some well-known services include:
These services typically come with a fee, but they can provide an added layer of protection, especially if your SSN has already been compromised.
4. Update Your Passwords and Enable Multifactor Authentication
Ensure that all your online accounts, particularly those linked to financial services, are secured with strong, unique passwords. A strong password should include a mix of uppercase and lowercase letters, numbers, and special characters. Avoid using easily guessable information - or information that can be found on your online profiles - such as names, birthdays, or common words.
In addition to updating your passwords, enable multifactor authentication (MFA) wherever possible. MFA provides an additional layer of security by requiring a second form of verification - usually a code sent to your mobile device or an authentication app - when logging into your accounts. This makes it significantly harder for unauthorized users to gain access, even if they have your password.
5. Use a Password Manager
To ensure your online accounts are secure, consider using a password manager that creates, stores, and manages strong, unique passwords for all your accounts. A good password manager will encrypt your passwords, making them accessible only with a master password that you control. This eliminates the need to remember multiple passwords and reduces the risk of using weak or reused passwords. Some trusted password managers include:
6. Conduct Regular Security Scans on Your Devices
Make sure your antivirus software is up to date and perform regular security scans on all your devices. If your antivirus detects malware, follow its recommendations to remove the threat. In some cases, professional help may be necessary to fully clean your system.
7. File Your Taxes Early
One of the most common uses of stolen SSNs is tax fraud. Filing your tax return early can help prevent criminals from filing in your name first. If the IRS receives your legitimate tax return before any fraudulent one, the scammer's attempt will be flagged. If you suspect that your SSN has been used fraudulently, you should contact the IRS immediately and consider applying for an Identity Protection PIN (IP PIN), which adds an extra layer of security to your tax account.
You can learn more about IP PINs and apply for one on the IRS website.
Take Control of Your Digital Identity
The National Public Data breach serves as a stark reminder of the critical importance of securing your personal information, particularly your Social Security number. In a world where data breaches are becoming increasingly common, the proactive steps you take today can make all the difference in protecting your financial future.
Remember, your Social Security number is the gateway to your identity. By freezing your credit, monitoring your financial accounts, updating your passwords, and staying vigilant, you can reduce the risk of falling victim to identity theft and fraud. Stay informed, stay protected, and take control of your digital identity.
Unfortunately, none of these measures will completely protect you from scammers and hackers. However, it's similar to a thief combing your neighborhood looking to steal a bicycle. If your garage door is shut and your neighbor's is open, they will probably skip your house and look elsewhere. As it relates to protecting your personal information, make sure you keep your garage door shut.
Sincerely,
EnRich Financial Partners LLC
Investment Advisory Services offered through EnRich Financial Partners LLC, a Registered Investment Advisor.
This content is developed from sources believed to be providing accurate information. It may not be used for the purpose of avoiding any federal tax penalties. Please consult legal or tax professionals for specific information regarding your individual situation. The opinions expressed and material provided are for general information, and should not be considered a solicitation for the purchase or sale of any security.
Credit for the above content, and permission to share, provided by Sam Richter.