Tumbling to SSN privacy

Jerry Stratton, January 18, 2010

Being right isn’t always satisfying. In June 2006, I wrote:

Giving out the last four digits of your Social Security number makes your entire number a lot more vulnerable. Armed with a computer and an on-line authorization site that doesn’t care if an SSN is checked every day, they probably won’t have any problem finding the rest. Your only hope is that they won’t want to.

Hadley Leggett interviewed privacy researcher Alessandro Acquisti in a July 2009 article on Wired:

There’s only a few short steps between making a statistical prediction about a person’s SSN and verifying their actual number, Acquisti said. Through a process called “tumbling,” hackers can exploit instant online credit approval services—or even the Social Security Administration’s own verification database—to test multiple numbers until they find the right one.

And that was without having the last four digits. Social Security Numbers should never have been used as a combination username and password.

In response to The last four digits of your social security number: The last four digits of your social security number are the least guessable part of your SSN.

Social Security Numbers Deduced From Public Data: Hadley Leggett: “By analyzing a public data set called the ‘Death Master File,’ which contains SSNs and birth information for people who have died, computer scientists from Carnegie Mellon University discovered distinct patterns in how the numbers are assigned. In many cases, knowing the date and state of an individual’s birth was enough to predict a person’s SSN.”

More social security numbers

Jim Rockford comes to identity theft: It’s easy enough to guess an SSN, if you know the SSN of someone born at the same location and the same time.
Mat Honan should read Mimsy: “Because the last four numbers of your SSN are what businesses ask for, they are all that a criminal sometimes needs to use your cash or credit.”
Insecurity questions on phones and at banks: How important are the last four digits of your social security number? That and a high school yearbook can get a hacker your bank account.
The last four digits of your social security number: The last four digits of your social security number are the least guessable part of your SSN.

Insecurity questions ->

Comments?

If you have private comments, or questions about this page, please, leave a message on the Negative Space Comments Page.

Lost?

If you’re looking for something here, use the search box in the navigation to limit your search to this part of the site, or use the Negative Space search page.

Jerry

Sometimes it is said that man cannot be trusted with the government of himself. Can he, then, be trusted with the government of others? Or have we found angels in the forms of kings to govern him? Let history answer this question. — Thomas Jefferson (1st Inaugural, 1801)

Contents of Negative Space™ as a whole Copyright © 1994-2024 Jerry Stratton. Individual copyrights remain held by their respective authors unless they specify otherwise. Site titles, such as Negative Space, Strange Bedfellows, Biblyon Broadsheet, Highland Games, and FireBlade Coffeehouse are trademarks of Jerry Stratton.

Tumbling to SSN privacy last modified January 18th, 2010.

Mimsy Were the Borogoves

Tumbling to SSN privacy

More social security numbers

Editorials

Books, Movies, & Music

Technology & Hacks

Food

42 Astounding Scripts

Walkerville Reader

Biblyon Broadsheet

About Mimsy

Comments?

Lost?

Mimsy Were the Borogoves

Tumbling to SSN privacy

More social security numbers

Editorials

Books, Movies, & Music

Technology & Hacks

Food

42 Astounding Scripts

Walkerville Reader

Biblyon Broadsheet

Blogroll

Keep in touch

About Mimsy

Comments?

Lost?