Blog

Short blog posts, journal entries, and random thoughts. Topics include a mix of personal and the world at large. 

Did you get got?

Is your Social Security number amongst the billions of personal information records that were hacked from National Public Data, a background check service? Apparently a hacking group stole all of that information, and has been offering them for sale on the dark web. You can go here to check if your very own personal information is a part of that data breach.

I am lucky: there were no matches found for my information. Unfortunately, I have friends and coworkers who were not so lucky. They now have to freeze their credit at the three major credit bureaus, and keep a hawkish eye on their Credit Karma accounts.

It’s crazy to think that back in the day - well before my time, San Francisco State University ID numbers were people’s Social Security numbers! Either that was the stupidest thing ever, or indeed it was during a time when the Internet isn’t what it has become today. Back then, even if you know a person’s Social Security number, using it for nefarious stuff isn’t so easy. To open lines of credit, you would have to physically visit a bank. Pro tip for those looking to commit fraud: best not do so in-person, at places with security cameras.

Obviously it’s whole new world these days. A name with a matching Social Security number is a gushing gold mine for opening credit cards. Some ill-gotten spending power is just a few clicks on a banking website away.

You know what they should do? Invoke a second factor authentication whenever Social Security number is used. Something that only the actual person would know, or have access to that information. Perhaps the total gross income from a specific tax return year. The bank should be able to verify this with the IRS. It’s a hassle, sure, but I would definitely want that safety when my credit identity and worthiness is at stake.

So fast.