Comment by mellavora
3 years ago
SSNs are generated by a not very secret algorithm. They were explicitly designed to be public information.
You don't need a data leak to get someone's SSN.
Also, malicious actors are almost never targeting you specifically. It is enough for them to
1) choose a birthdate
2) generate all SSNs associated with that birthdate
3) get all employment/salary histories accessible with that info.
4) scan the list for interesting tagets
5) ...
6) profit
No comments yet
Contribute on Hacker News ↗