Universities/Colleges are the Riskiest
Research conducted by Robert Siciliano, Identity Theft expert, on behalf of McAfee
Cases of identity theft are skyrocketing, and 32% of all ID theft victims had their social security number compromised according to Javelin’s 2010 Identity Fraud Survey Report. In honor of National Identity Protection week, McAfee set out to reveal the most dangerous places to leave your social security number.
When your Social Security number is used to commit fraud, it feels very personal. It can take hundreds of hours and sometimes thousands of dollars to rectify this violation.
Criminals find these crucial nine digits on discarded files in dumpsters, inside an organizations’ file cabinets, in any of the hundreds of databases maintained by government, corporate, and educational institutions, or even in public records, which are freely accessible on the Internet.
Robert Siciliano, on behalf of McAfee, analyzed data breaches published by the Identity Theft Resource Center, Privacy Rights Clearinghouse and the Open Security Foundation that involved Social Security number breaches from January 2009 – October 2010 to reveal the riskiest places to lose your ID.
The top 10 most dangerous places to give out your Social Security number are:
#1 – Universities/Colleges (108)
#2 – Banking/Financial Institutions (96)
#3 – Hospitals (71)
#4 – State Governments (57)
#5 – Local Governments (44)
#6 – Federal Governments (33)
#7 – Medical Businesses (27) (Please note: These are businesses that concentrate on services and products for the medical field such as distributers of diabetes or dialysis supplies, medical billing services, pharmaceutical companies, etc.)
#8 – Non-Profit Organizations (23)
#9 – Technology Companies (22)
#10 (tied) – Medical Insurance and Medical Offices/Clinics (21)
Your Social Security Number is Your National ID
For the past 70 years, the Social Security number has become our de facto national ID. The numbers were first issued in the 1930s to track income for Social Security benefits. But functionality creep, which occurs when an item, process, or procedure ends up serving a purpose that it was never intended to perform, soon took effect.
Here we are, decades later, and the Social Security number has become the key to the kingdom. You’re forced to disclose your Social Security number regularly, and it appears in hundreds or even thousands of files, records, and databases, accessible to an untold number of people.
What’s the danger of it getting into the wrong hands? Anyone who does access your Social Security number can use it to impersonate you in a hospital, bank, or just about anywhere else.
Hackers are Getting the Key to your Credit
Any organization that extends any form of credit is going to need your name, address, date of birth, and Social Security number in order to verify your identity and run a credit check. This means hospitals, insurers, banks, credit card companies, car dealerships and other retailers, and even video rental stores.
Now more than ever, criminal hackers are hacking into databases that contain Social Security numbers and using the numbers to open new financial accounts. Criminals use stolen Social Security numbers to obtain mobile phones, credit cards, and even bank loans. Some victims whose Social Security numbers fell into the hands of identity thieves have even had their mortgages refinanced and their equity stripped.
When should you provide your Social Security number, and when should you refuse?
According to the Social Security Administration, you should:
1. Show your card to your employer when you start a job so your records are correct
2. Provide your Social Security number to your financial institution(s) for tax reporting purposes
3. Keep your card and any other document that shows your Social Security number on it in a safe place
4. DO NOT routinely carry your card or other documents that display your number
But beyond that they have no advice and frankly, no authority.
A federal law, 42 USC Chapter 7, Subchapter IV, Part D, Sec. 666(a)(13), enacted in 1996, determines when the numbers should be used. The law requires Social Security numbers to be recorded for “any applicant for a professional license, driver’s license, occupational license, recreational license or marriage license.” It can be used and recorded by creditors, the Department of Motor Vehicles, whenever a cash transaction exceeds $10,000, and in military matters.
What happens when you refuse to give out your Social Security number?
– Many people refuse, and quickly discover that this creates a number of hurdles that must be overcome in order to obtain services. A demand may be made that you, the customer, jump through a series of inconvenient hoops.
– Most customers are denied the service altogether, and from what we can tell, this is perfectly legal.
– When faced with either option, most people give up, and hand-over their number.
These organizations often state the Social Security number requirement in their terms of service, which you must sign in order to do business with them. They acquire this data for their own protection, since by making a concerted effort to verify the identities of their customers, they establish a degree of accountability. Otherwise, anyone could pose as anyone else without consequence.
Although I’d rather not, I frequently provide my Social Security number. But I do take steps to protect myself, or at least to reduce my vulnerability.
Tips To Protect Yourself:
1. In honor of National Protect Your Identity Week (October 17-23, 2010), check your credit report this week using a reputable firm such as, Experian, and set reminders every three months to review it again.
2. You can refuse to provide your Social Security number.
3. Invest in an identity protection service. Because there are times you cannot withhold your Social Security number, an identity protection service can monitor your bank information and your personal ID. McAfee® Identity Protection (CounterIdentityTheft.com) will alert you, help prevent loss of personal information, allows unlimited checks of your credit, credit monitoring, scanning of the internet and identity fraud resolution.
4. Securely dispose of mail. The standard advice is to thoroughly shred preapproved credit card offers and anything that includes any account information. While this is good advice and should be heeded, it’s not going to protect you when your bank or mortgage company or utility provider tosses your information in a dumpster that is subsequently raided by identity thieves.
5. Opt out of junk mail and preapproved credit card offers. This is good advice and can be done at OptOutPrescreen.com. However, even if you opt out of new offers, others will still arrive. It’s inevitable. You also need to get a locking mailbox, but that still won’t fully protect you.
6. Lock down your PC. McAfee Total Protection™ software is the most comprehensive security tool to protect your computers data.
ROBERT SICILIANO, CEO of IDTheftSecurity.com is fiercely committed to informing, educating, and empowering Americans so they can be protected from violence and crime in the physical and virtual worlds. His "tell it like it is" style is sought after by major media outlets, executives in the C-Suite of leading corporations, meeting planners, and community leaders to get the straight talk they need to stay safe in a world in which physical and virtual crime is commonplace. Siciliano is accessible, real, professional, and ready to weigh in and comment at a moment's notice on breaking news.
- Social Security Number: All-Purpose Identifier
Your Social Security number was never meant to serve the various functions it is used for today. Over the past 70 years, the Social Security number has become our de facto national ID. The numbers were originally issued in the 1930s, to track income for Social Security benefits. But “functionality creep,” which occurs when an
- Criminal Hackers Responsible For Most Data Breaches
According to the Identity Theft Resource Center, there were at least 662 data breaches in 2010, which exposed more than 16 million records. Nearly two-thirds of breaches exposed Social Security numbers, and 26% involved credit or debit card data. The ITRC elaborated, “Other than breaches reported by the media and a few progressive state websites, there
- Requests For Social Security Numbers Leads to Identity Theft
Robert Siciliano Identity Theft Expert A patient at a Washington state medical clinic was asked for his Social Security number numerous times. Many of us have endured this familiar process. Considering the recent buzz about identity theft, this patient became concerned about releasing his own sensitive personal data, and requested that the facility remove his Social
- Lost and Stolen Wallets Lead To Identity Theft
A friend called me in a panic because she had lost her wallet, which contained her driver’s license, credit cards, debit card, store cards, and her Social Security card. (You should never carry your Social Security card or Social Security number in your purse or wallet.) Anyway, she was freaked out and wanted to know what to
- Does Identity Theft Protection Really Work?
Do identity protection service really work? How effective are their scanning/monitoring methods? Can they truly protect consumers? The answers may vary. Identity theft protection is designed to protect you from new lines of credit being opened in your name—and along with the recovery/restoration component, it’s designed to clean up the mess. It’s safe to say I’m an
Leave a Comment
You must be logged in to post a comment.