Posts

From doctor’s offices and financial institutions to college university admittance applications and summer camp registrations, the request for your Social Security number (SSN) has become commonplace. In fact, it’s become such a standard request that many individuals willingly provide this number without hesitation and without really thinking about the consequences behind this, one of which being an increased risk of identity theft.

Social Security numbers hold one of the keys to your identity. With it, you can open a new line of credit, gain employment, receive health insurance and file taxes. Thieves also know the power behind this nine-digit number, which is why it’s one of the most highly sought after pieces of personal information. There are a variety of ways that thieves attempt to obtain SSNs, and they include more low-tech methods like sifting through your trash, stealing a wallet, purse or laptop; or using more sophisticated ways like phishing emails and texts, scam calls and via data breaches. For example, there were nearly 158 million social security numbers exposed in 2017 due to data breaches.

While the exposure of your SSN is not entirely preventable – data breaches are a perfect example of this – consumers should refrain from giving it out unnecessarily to minimize their risks of identity theft. Basically, the frequency at which the number is exposed – whether intentional or unintentional, the higher the probability that it will be compromised. Here are some tips to help you protect your SSN and become a better steward of your identity:

Be in the Know – Educate yourself on the types of scenarios that require you to provide your Social Security number so that you can decide ahead of time whether or not you should provide it. Here is a list of situations that require your SSN:

  • Internal Revenue Service for tax returns and federal loans
  • Employers for wage and tax reporting purposes
  • Financial institutions for monetary and credit transactions
  • Veterans Administration as a hospital admission number
  • Department of Labor for workers’ compensation
  • Department of Education for student loans
  • Entities that administer any tax, general public assistance, motor vehicle or driver’s license law
  • Child support enforcement
  • Food Stamps
  • Medicaid
  • Unemployment Compensation

Don’t be afraid to ask – When your Social Security number is requested it’s best to ask the requestor some additional information to better understand whether you absolutely need to provide your SSN and if so, how they plan to protect it. In some instances, you may be able to provide an alternative like a driver’s license. Keep in mind that if you don’t provide your SSN, some entities may refuse to provide the services requested. Some questions to consider asking are:

  • Why does the company need this information (what law or reason make this a requirement)?
  • How do you protect this information?
  • What will happen if I don’t provide it?
  • Is there is an alternative to providing my SSN (driver’s license, etc.)?

Protect your physical card, too – It’s crucial to not only correctly safeguard your social security number but to also protect the physical card to the best of your ability. This includes storing it in a secure place (like a locked safe) and by not carrying it around in your wallet or purse.

Be leery of scammers – Scammers may pose as the IRS, the Social Security Administration and others to attempt to gain access to your SSN and they may do so over the phone, through email, text or even through social media platforms. To stay safe, never provide your SSN or other sensitive information on a call that you didn’t initiate. Also, don’t automatically give out your Social Security number via email, text or social media messages, even if it looks like a legitimate business requesting it. Instead, call the entity directly by locating their number on their official website, on the back of your card or even on a recent bill.

If you know your social security number has been compromised, contact our advisors using our toll-free number (888-400-5530) and they can inform you about the necessary steps to take to resolve the issue. You can also reach us using our live chat feature.


Contact the Identity Theft Resource Center for toll-free, no-cost assistance at (888) 400-5530. For on-the-go assistance, check out the free ID Theft Help App from ITRC.

Read next: What Can a Thief Do With Your Driver’s License?

When the public hears about the latest data breach, they might envision a network of hackers working in the dark web. The reality, though, is sometimes a lot more mundane. Accidental data breaches can happen when information is allowed to fall into the wrong hands for any number of reasons, but the concerns that can arise can be just as serious.

In the past, accidental data breaches have occurred due to issues like losing an unencrypted laptop or flash drive. Other incidents were the result of unsecured servers whose information was unintentionally posted online. In some cases, though, the breach occurred through intentionally sharing information, only it was with the wrong recipient.

That’s the case for Chicago Public Schools (CPS) in a recent data breach that compromised students’ and families’ personal data. Families in the school system were sent an email providing them with a necessary enrollment form. The link included in the email was inadvertently attached to a spreadsheet containing information for nearly 4,000 students and parents in the district. The link was active for several hours before someone noticed the error and removed the information from the link. In this specific data breach, students’ names, phone numbers, email addresses, and student ID numbers were exposed.

Experts looking into the CPS breach point to a far bigger concern than just sending out a link rather than attaching the document that was supposed to go to the parents: why is there a speadsheet of student information stored online that is accessible by anyone who finds it? The spreadsheet was not password protected, and hours after CPS officials informed parents of the error—they requested the families delete the email rather than take down the link—the spreadsheet, however, was still readily accessible. Concerned officials see that as a lack of training and awareness of how to secure students’ personal data.

Unfortunately, this incident is the third such accidental data breach in the CPS school district since 2016. In 2016, an employee sent out sensitive information to unauthorized parties, providing them with access to students’ information.  In 2017, unsecured web documents were posted on the CPS website exposing medical conditions, students’ names, identification numbers and other information.


Contact the Identity Theft Resource Center for toll-free, no-cost assistance at (888) 400-5530. For on-the-go assistance, check out the free ID Theft Help App from ITRC.

There was a time when child identity theft was thought of as a family problem, and it’s true that many cases over the years have been perpetrated by a custodial or non-custodial parent, a close relative, or even a family friend. Once the individual gained access to the child’s sensitive documents, they could open numerous lines of credit with the child’s “untarnished” credit record. In many cases, the identity thief may have been trying to get out of a dire financial situation, and fully intended to pay off any debt incurred in the child’s name; at the same time, some unscrupulous thieves didn’t care what consequences waited for the child down the road.

Too often, the children didn’t even know they’d been victimized until they reached adulthood and tried to use their legitimate credit.

In more recent years, though, hackers and identity thieves have begun targeting kids in order to take advantage of clean credit that no one will be monitoring for years to come. Schools, doctor’s offices, daycare centers, even school lunch computers have suffered data breaches intent on nabbing kids’ personal identifiable information.

According to Javelin Strategy and Research’s 2018 Child Identity Fraud Study, there were more than one million reported cases of child identity theft in the US last year, with the majority of those cases victimizing children under the age of eight. Another 20 percent of the victims were between the ages of eight and twelve.

Unfortunately, those are just the cases that were reported, which means the actual number of victims may be much higher.

But this new avenue of data breaches leading to identity theft doesn’t mean that parents can let their guards down about friends or relatives. The same Javelin study found that in 60 percent of the cases last year, the child knew their identity thief; that’s very different from the data point that says only 7 percent of adult victims know their identity thief.

One of the increasingly common methods of using children’s stolen credentials is to grab a Social Security number and combine it with a fake name, address, phone number, and more. Known as “synthetic identity theft,” the thief isn’t using the child’s complete identity, but rather has created a whole new person with this information. That makes it a little harder for victims and law enforcement to notice the problem in the first place or take action after the fact.

Concerned parents or guardians have a few steps they can take, though. If the child in question is over 14, they can request a credit report in the same way that any consumer does. Visiting annualcreditreport.com will provide the minor in question with a free credit report, and allow them to look it over for signs of suspicious activity. If the child is under the age of 14, the steps are a little harder. The adult must prove they have a right to access and see the information, but it’s a worthwhile step if there’s reason to believe a child’s identity may have been compromised.


Contact the Identity Theft Resource Center for toll-free, no-cost assistance at (888) 400-5530. For on-the-go assistance, check out the free ID Theft Help App from ITRC.