Tech

Has your Social Security number been leaked on the dark web? Use this tool to find out


A hooded figure is depicted running with a large bag, from which pieces of paper with asterisks (symbolizing passwords or confidential information) fall. The background is solid red, creating a striking contrast and emphasizing the theme of cyber theft or data breaches.

rob dobi/Getty Images

This article was first published on August 14, 2014. The article was updated on August 18, 2014 to include information about the new Pentester tool.

You may never have heard of it. National Public DataThe company makes money by collecting and selling access to your personal data to credit card companies, employers, and private investigators. Now it seems USDoD hackers stole about 2.9 billion records. It’s likely that your records — including your Social Security number (SSN) — will be in those databases.

Also: 7 Password Rules to Follow in 2024, According to Security Experts

USDoD wants sell this data for a low price of $3.5 million. Ironically, before USDoD could profit from the theft, another threat actor, Fenice, swiped data and release it on the dark web.

How bad is it really? According to security organization Vx-UndergroundStolen data includes

  • First name
  • Surname
  • Address
  • Address history (three decades)
  • Social Security Number

Vx-Underground also found that “the database does not contain information from individuals who use the data opt-out service.” This is Websites or services that let you say no for a company or group that wants to keep your records.

It’s good to know that, but for many, it’s probably a little too late.

Also: Best VPN Services: Tested and Reviewed by Experts

The leaked data, totaling 277GB, could be used for identity theft and fraud. While the breach doesn’t necessarily affect 2.9 billion unique individuals (since each person has multiple profiles), it still poses a significant risk. The information could be used to open fraudulent accounts, apply for loans, or even commit tax fraud.

How to Know if Your SSN Has Been Leaked

Have a website that can tell you if your SSN was leaked from the personal security company Pentester. It asks you to enter your first name, last name, year of birth, and the state you lived in. If your SSN is in there, the site will show you a chart showing your address on file and the last two digits of your SSN.

If you can’t find records for your current state or name, try searching for previous states and/or other surnames.

I tested this tool and found valid profiles listed.

Also: Remove yourself from the internet with these online data deletion services

As Richard Glaser, co-founder of Pentester, puts it, “Your name, address, and phone number may change, but your social security number does not.” Financial institutions use SSNs to verify your identity and comply with regulations when you apply for a loan, credit card, or investment. If you are a US citizen, this is the key to your identity. That is why it is important to determine whether your SSN is publicly available.

How to monitor your credit report

If your SSN has been leaked, check your credit reports (Experian, Equifax, and TransUnion) for any unauthorized activity (and do so regularly in the future!). Report any suspicious transactions to the credit bureaus, through their websites and credit freeze order to prevent new accounts from being opened under your name.

You can freeze your credit through credit companies, Equifax credit freeze, Experian Credit FreezeAnd TransUnion Credit Freeze. Some financial companies, such as Credit Karmacan also help you freeze your credit.

Also: How to freeze your credit — and how it can help protect you after a data breach

If you’re concerned that your data is being used against you, it’s time to take action. identity theft protection and credit monitoring services to protect yourself. ZDNET recommends Halo is the best overall service.

However, using these services alone is not enough.

Beware of scam attempts

You should also be wary of phishing attack. Be wary of emails, texts or calls that try to ask for personal information. Scammers will use your leaked data to create convincing phishing attacks. For example, I recently received an email purporting to be from my bank, which included my address, warning that my account had been hacked and that I needed to change my password from the included link. Right away.

Also: Stop Paying for Third-Party Antivirus Software. Here’s Why

Whenever you receive such a message, whether it is warning you about something terrible or promising you something that sounds too good to be true, do not believe it. Never click on links from such emails or text messages.

What to do if you click on a phishing link

If you’ve clicked on a phishing link, don’t panic. However, take the following steps immediately:

  1. Disconnect from the Internet and your local network immediately. This prevents any potential malware from spreading or communicating with malicious servers.

  2. Back up important data to an external hard drive or USB drive. This protects your information in case of data loss or corruption.

  3. Run one comprehensive antivirus software check. Don’t have an antivirus program on your device? Then you should download the antivirus program to another computer, transfer the installation program to a USB drive, and install it on the affected machine.

  4. Change the passwords for all your online accounts, especially important ones like your bank and credit card accounts. Use strong, unique passwords for each account and consider using password manager

  5. Allow multi-factor authentication. Enable multi-factor authentication (MFA) on your accounts whenever possible. This adds an extra layer of security.

  6. Keep an eye on your important online accounts. If you see any suspicious activity, contact the company as soon as possible.

What to Do If Your SSN Is Compromised

If someone uses your SSN illegally or without your consent, you should take the following steps:

  1. File a report with the Federal Trade Commission (FTC) at IdentityTheft.govThis website will guide you through the process and provide a personalized recovery plan.
  2. File a police report with your local law enforcement agency. While they may not be able to investigate right away, having a police report can serve as an important document.
  3. Monitor your credit report for any unauthorized accounts or activity. You can get a free weekly credit report from AnnualCreditReport.com.
  4. As I mentioned earlier, you should put a credit freeze on your credit report with all three major credit bureaus — Equifax, Experian, and TransUnion. This prevents new accounts from being opened in your name. You can also place a fraud alert on your credit report, requiring businesses to verify your identity before extending credit in your name.
  5. Your review Social Security Report for any suspicious activity, such as unreported income.

Next, contact the Internal Revenue Service (IRS) to prevent potential tax fraud. Here’s what to do:

  1. Contact the IRS: You can contact the IRS Identity Protection Unit by calling 1-800-908-4490. This line is dedicated to assisting individuals who believe they are victims of identity theft related to their tax accounts.
  2. Submit an affidavit of identity theft: Complete IRS Form 14039form used to report suspected identity theft to the IRS. You can file it online via IdentityTheft.govThe agency will forward the form to the IRS, or you can download the form from the IRS website and mail it along with your tax return to the address specified on the form.
  3. Responding to an IRS Notice: If you receive a notice from the IRS stating that your SSN has been used fraudulently, follow the instructions provided in the notice. Typically, such notices are sent by mail. You may then be asked to submit Form 14039 or other documentation to verify your identity and resolve the issue.

This can be a long and tedious process. But if you don’t check and — if necessary — protect your accounts, your identity could be stolen. Recovering from identity theft is much more painful than preventing it.

Also: Did You Receive a Fake McAfee Invoice? How the Scam Works and 2 Things You Should Never Do

Then, stay vigilant and continue to monitor your accounts and credit reports regularly. If you notice any suspicious activity, report it immediately to the relevant authorities and financial institutions. This is not a threat that you can address once and then forget about. This is a threat that will continue for the rest of your life.

Yeah, I hate that too.

News7f

News 7F: Update the world's latest breaking news online of the day, breaking news, politics, society today, international mainstream news .Updated news 24/7: Entertainment, Sports...at the World everyday world. Hot news, images, video clips that are updated quickly and reliably

Related Articles

Leave a Reply

Your email address will not be published. Required fields are marked *

Back to top button