Top Ten Most Dangerous Places to Leave Your SS Number

Universities/Colleges are the Riskiest

Cases of identity theft are skyrocketing, and 32% of all ID theft victims had their social security number compromised according to Javelin’s 2010 Identity Fraud Survey Report.  In honor of National Identity Protection week, McAfee set out to reveal the most dangerous places to leave your social security number.

When your Social Security number is used to commit fraud, it feels very personal. It can take hundreds of hours and sometimes thousands of dollars to rectify this violation.

Criminals find these crucial nine digits on discarded files in dumpsters, inside an organizations’ file cabinets, in any of the hundreds of databases maintained by government, corporate, and educational institutions, or even in public records, which are freely accessible on the Internet.

Robert Siciliano, on behalf of McAfee,  analyzed data breaches published by the Identity Theft Resource Center, Privacy Rights Clearinghouse and the Open Security Foundation that involved Social Security number breaches from January 2009 – October 2010 to reveal the riskiest places to lose your ID.

The top 10 most dangerous places to give out your Social Security number are:

#1 – Universities/Colleges (108)

#2 – Banking/Financial Institutions (96)

#3 – Hospitals (71)

#4 – State Governments (57)

#5 – Local Governments (44)

#6 – Federal Governments (33)

#7 – Medical Businesses (27) (Please note: These are businesses that concentrate on services and products for the medical field such as distributers of diabetes or dialysis supplies, medical billing services, pharmaceutical companies, etc.)

#8 – Non-Profit Organizations (23)

#9 – Technology Companies (22)

#10 (tied) – Medical Insurance and Medical Offices/Clinics (21)

Your Social Security Number is Your National ID

For the past 70 years, the Social Security number has become our de facto national ID. The numbers were first issued in the 1930s to track income for Social Security benefits. But functionality creep, which occurs when an item, process, or procedure ends up serving a purpose that it was never intended to perform, soon took effect.

Here we are, decades later, and the Social Security number has become the key to the kingdom. You’re forced to disclose your Social Security number regularly, and it appears in hundreds or even thousands of files, records, and databases, accessible to an untold number of people.

What’s the danger of it getting into the wrong hands? Anyone who does access your Social Security number can use it to impersonate you in a hospital, bank, or just about anywhere else.

Hackers are Getting the Key to your Credit

Any organization that extends any form of credit is going to need your name, address, date of birth, and Social Security number in order to verify your identity and run a credit check. This means hospitals, insurers, banks, credit card companies, car dealerships and other retailers, and even video rental stores.

Now more than ever, criminal hackers are hacking into databases that contain Social Security numbers and using the numbers to open new financial accounts. Criminals use stolen Social Security numbers to obtain mobile phones, credit cards, and even bank loans. Some victims whose Social Security numbers fell into the hands of identity thieves have even had their mortgages refinanced and their equity stripped.

When should you provide your Social Security number, and when should you refuse?

According to the Social Security Administration, you should:

1. Show your card to your employer when you start a job so your records are correct

2. Provide your Social Security number to your financial institution(s) for tax reporting purposes

3. Keep your card and any other document that shows your Social Security number on it in a safe place

4. DO NOT routinely carry your card or other documents that display your number

But beyond that they have no advice and frankly, no authority.

A federal law, 42 USC Chapter 7, Subchapter IV, Part D, Sec. 666(a)(13), enacted in 1996, determines when the numbers should be used. The law requires Social Security numbers to be recorded for “any applicant for a professional license, driver’s license, occupational license, recreational license or marriage license.” It can be used and recorded by creditors, the Department of Motor Vehicles, whenever a cash transaction exceeds $10,000, and in military matters.

What happens when you refuse to give out your Social Security number?

–  Many people refuse, and quickly discover that this creates a number of hurdles that must be overcome in order to obtain services. A demand may be made that you, the customer, jump through a series of inconvenient hoops.

– Most customers are denied the service altogether, and from what we can tell, this is perfectly legal.

– When faced with either option, most people give up, and hand-over their number.

These organizations often state the Social Security number requirement in their terms of service, which you must sign in order to do business with them. They acquire this data for their own protection, since by making a concerted effort to verify the identities of their customers, they establish a degree of accountability. Otherwise, anyone could pose as anyone else without consequence.