The U.S. Social Security Number (SSN) is one of the most important numbers every person working in the US needs to protect. I have been warned all the time to not reveal my SSN to anyone, if not necessary. The growing cases of identity theft is caused by the Social Security number when purchasing goods or services.
Here is a very worrying news. According to a recent research, there exist a so-called “Death Master File,” a publicly available file which lists SSNs, names, dates of birth and death, and the states of all individuals who have applied for a number and whose deaths have been reported to the Social Security Administration.
What is the use of the Death Master File?
Researchers from Carnegie Mellon University theorized that they could use the Death Master File along with publicly available birth information to predict narrow ranges of values wherein individual SSNs were likely to fall. The two tested their hunch using the Death Master File of people who died between 1972 and 2003, and found that on the first try they could correctly guess the first five digits of the SSN for 44 percent of deceased people who were born after 1988, and for 7 percent of those born between 1973 and 1988.
The researchers found that it was far easier to predict SSNs for people born after 1988, when the Social Security Administration began an effort to ensure that U.S. newborns obtained their SSNs shortly after birth.
[via] They were able to identify all nine digits for 8.5 percent of people born after 1988 in fewer than 1,000 attempts. For people born recently in smaller states, researchers sometimes needed just 10 or fewer attempts to predict all nine digits.
Records of an individual’s state and date of birth can be obtained from a variety of sources, including voter registration lists and commercial databases. What’s more, many people now self-publish this information as part of their personal profiles on blogs and social networking sites. Indeed, the researchers tested their method using birthdays and hometowns that CMU students published on social networking sites, with similar results.
Privacy and security experts praised the Carnegie Mellon study, saying it should be a wake-up call to policy makers and industry leaders, many of whom have resisted switching to a more secure consumer authentication system due to the sheer cost of changing the current system.