iPhone app iPad app Android phone app Android tablet app More

Featuring fresh takes and real-time analysis from HuffPost's signature lineup of contributors
Hot on the Blog
Marcia CrossMichael R. BloombergJeb BushRep. Steny Hoyer
Robert Siciliano

Robert Siciliano

Personal Security and Identity Theft Expert

GET UPDATES FROM Robert Siciliano

McAfee Reveals the Top Ten Most Dangerous Places to Leave Your Social Security Number

Posted: 10/18/10 03:14 PM ET
Inspiring
 Greedy
 Typical
 Scary
 Outrageous
 Amazing
 Innovative
 Infuriating

Universities/Colleges are the Riskiest

Research conducted by Robert Siciliano, Identity Theft expert, on behalf of McAfee

Cases of identity theft are skyrocketing, and 32% of all ID theft victims had their social security number compromised according to Javelin's 2010 Identity Fraud Survey Report.  In honor of National Identity Protection week, McAfee set out to reveal the most dangerous places to leave your social security number.

When your Social Security number is used to commit fraud, it feels very personal. It can take hundreds of hours and sometimes thousands of dollars to rectify this violation.

Criminals find these crucial nine digits on discarded files in dumpsters, inside an organizations' file cabinets, in any of the hundreds of databases maintained by government, corporate, and educational institutions, or even in public records, which are freely accessible on the Internet.

Robert Siciliano, on behalf of McAfee,  analyzed data breaches published by the Identity Theft Resource CenterPrivacy Rights Clearinghouse and the Open Security Foundation that involved Social Security number breaches from January 2009 - October 2010 to reveal the riskiest places to lose your ID.

The top 10 most dangerous places to give out your Social Security number are:

#1 - Universities/Colleges (108)

#2 - Banking/Financial Institutions (96)

#3 - Hospitals (71)

#4 - State Governments (57)

#5 - Local Governments (44)

#6 - Federal Governments (33)

#7 - Medical Businesses (27) (Please note: These are businesses that concentrate on services and products for the medical field such as distributers of diabetes or dialysis supplies, medical billing services, pharmaceutical companies, etc.)

#8 - Non-Profit Organizations (23)

#9 - Technology Companies (22)

#10 (tied) - Medical Insurance and Medical Offices/Clinics (21)


Your Social Security Number is Your National ID

For the past 70 years, the Social Security number has become our de facto national ID. The numbers were first issued in the 1930s to track income for Social Security benefits. But functionality creep, which occurs when an item, process, or procedure ends up serving a purpose that it was never intended to perform, soon took effect.

Here we are, decades later, and the Social Security number has become the key to the kingdom. You're forced to disclose your Social Security number regularly, and it appears in hundreds or even thousands of files, records, and databases, accessible to an untold number of people.

What's the danger of it getting into the wrong hands? Anyone who does access your Social Security number can use it to impersonate you in a hospital, bank, or just about anywhere else.

Hackers are Getting the Key to your Credit

Any organization that extends any form of credit is going to need your name, address, date of birth, and Social Security number in order to verify your identity and run a credit check. This means hospitals, insurers, banks, credit card companies, car dealerships and other retailers, and even video rental stores.

Now more than ever, criminal hackers are hacking into databases that contain Social Security numbers and using the numbers to open new financial accounts. Criminals use stolen Social Security numbers to obtain mobile phones, credit cards, and even bank loans. Some victims whose Social Security numbers fell into the hands of identity thieves have even had their mortgages refinanced and their equity stripped.

When should you provide your Social Security number, and when should you refuse?

According to the Social Security Administration, you should:

1. Show your card to your employer when you start a job so your records are correct

2. Provide your Social Security number to your financial institution(s) for tax reporting purposes

3. Keep your card and any other document that shows your Social Security number on it in a safe place

4. DO NOT routinely carry your card or other documents that display your number

But beyond that they have no advice and frankly, no authority.

A federal law, 42 USC Chapter 7, Subchapter IV, Part D, Sec. 666(a)(13), enacted in 1996, determines when the numbers should be used. The law requires Social Security numbers to be recorded for "any applicant for a professional license, driver's license, occupational license, recreational license or marriage license." It can be used and recorded by creditors, the Department of Motor Vehicles, whenever a cash transaction exceeds $10,000, and in military matters.

What happens when you refuse to give out your Social Security number?

-  Many people refuse, and quickly discover that this creates a number of hurdles that must be overcome in order to obtain services. A demand may be made that you, the customer, jump through a series of inconvenient hoops.

- Most customers are denied the service altogether, and from what we can tell, this is perfectly legal.

- When faced with either option, most people give up, and hand-over their number.

These organizations often state the Social Security number requirement in their terms of service, which you must sign in order to do business with them. They acquire this data for their own protection, since by making a concerted effort to verify the identities of their customers, they establish a degree of accountability. Otherwise, anyone could pose as anyone else without consequence.

Although I'd rather not, I frequently provide my Social Security number. But I do take steps to protect myself, or at least to reduce my vulnerability.

Tips To Protect Yourself:

1. In honor of National Protect Your Identity Week (October 17-23, 2010)check your credit report this week using a reputable firm such as, Experian, and set reminders every three months to review it again.

2. You can refuse to provide your Social Security number.

3. Invest in an identity protection service. Because there are times you cannot withhold your Social Security number, an identity protection service can monitor your bank information and your personal ID.  McAfee® Identity Protection (CounterIdentityTheft.com) will alert you, help prevent loss of personal information, allows unlimited checks of your credit, credit monitoring, scanning of the internet and identity fraud resolution.

4. Securely dispose of mail. The standard advice is to thoroughly shred preapproved credit card offers and anything that includes any account information. While this is good advice and should be heeded, it's not going to protect you when your bank or mortgage company or utility provider tosses your information in a dumpster that is subsequently raided by identity thieves.

5. Opt out of junk mail and preapproved credit card offers. This is good advice and can be done at OptOutPrescreen.com. However, even if you opt out of new offers, others will still arrive. It's inevitable. You also need to get a locking mailbox, but that still won't fully protect you.

6. Lock down your PC. McAfee Total Protection™ software is the most comprehensive security tool to protect your computers data.

Robert Siciliano is a McAfee Consultant and Identity Theft Expert. See him discussing Social Security Numbers as National IDs on Fox News. (Disclosures)

 

Follow Robert Siciliano on Twitter: www.twitter.com/RobertSiciliano

Related News On Huffington Post:
 

 
 
  • Comments
  • 7
  • Pending Comments
  • 0
  • View FAQ
Comments are closed for this entry
View All
Favorites
Recency  | 
Popularity
photo
Decorina
Hypocrisy means your karma ran over your dogma
2921 Fans
01:31 PM on 10/20/2010
I won't give my ss number in a doctor's office. They don't need it - they will take my driver's license for ID instead.
Permalink  |
This user has chosen to opt out of the Badges program
photo
Mike169
856 Fans
03:26 PM on 10/20/2010
A doctor's office is the worst place you could leave your driver's license.
Permalink  |
photo
Decorina
Hypocrisy means your karma ran over your dogma
2921 Fans
03:36 PM on 10/20/2010
I don't leave it there - I show it to them so they can write down the number.
Permalink  |
This user has chosen to opt out of the Badges program
texastrixie
I invented the internet.
261 Fans
10:59 AM on 10/20/2010
Simple solution (if you can afford it) - lock your credit with one of the credit rating agencies. Yes, its a big hassle to unlock it, but you only need to do so if you are financing a new car, applying for a new credit cared, or getting a mortgage, etc. How often do you actually do that? Better question - how often should you be doing that in this economic environment? When most of us are trying to make do with the credit cards we have (ie, not using them), the car we have, and the house we have, having your credit locked might be helpful in keeping you solvent.
Permalink  |
robinhood1
139 Fans
08:43 PM on 10/20/2010
You are talking about a credit freeze. Do not confuse this with a subscription to Lifelock, which is an expensive credit monitoring service. A credit freeze is the way to go.
Permalink  |
This user has chosen to opt out of the Badges program
texastrixie
I invented the internet.
261 Fans
10:53 AM on 10/22/2010
That's what I meant. But did you not see where I said to do so with one of the credit rating agencies? Yes, LifeLock cannot lock your credit, but any of the credit reporting agencies can because they are the ones being asked for a score when you apply for credit. If one agency refuses to divulge this info, the credit check cannot be completed, and whatever credit the requestor wants cannot be obtained until the locked/frozen report is able to be accessed.
Permalink  |
robinhood1
139 Fans
06:07 PM on 10/19/2010
Instead of spending $10 a month for a credit monitoring service, which won't prevent crooks from getting access to your credit reports, place a freeze on your report at each of the thee major credit reporting agencies. Each will charge you about $10 for the freeze and each time you want to temporarily unfreeze your account, when you really want to give someone access to your report. But there is no monthly fee and no one can get access to your report unless they have your PIN number which each agency issues at the time of your freeze. The article was somewhat self-serving. But I guess it is no different than doctors recommending specific prescription drugs and then getting under the table referral fees or speaking fees from the drug companies. Buyer beware.
Permalink  |