Kawasaki Concours Forum
Mish mash => Open Forum => Topic started by: Conrad on September 08, 2017, 05:18:18 AM
-
143 million folks potentially effected by this (including me it seems).
Here's the story.
http://money.cnn.com/2017/09/07/pf/victim-equifax-hack-how-to-find-out/index.html?iid=EL (http://money.cnn.com/2017/09/07/pf/victim-equifax-hack-how-to-find-out/index.html?iid=EL)
There are links in the story above so that you can check to see if you're potentially effected. Last name and the last 6 of your SSN are required. You will be offered a year of free credit monitoring regardless.
Another story.
http://www.msn.com/en-us/money/companies/143-million-peoples-social-security-numbers-were-exposed-in-the-equifax-hack-%E2%80%94-heres-how-to-check-if-youre-one-of-them/ar-AArttN0?li=BBmkt5R&ocid=ientp (http://www.msn.com/en-us/money/companies/143-million-peoples-social-security-numbers-were-exposed-in-the-equifax-hack-%E2%80%94-heres-how-to-check-if-youre-one-of-them/ar-AArttN0?li=BBmkt5R&ocid=ientp)
-
Credit monitoring is not credit fixing if the hack causes you problems.
That's funny... send the info that the hackers want to a credit monitoring company that just got hacked so they can tell you if the info that was stolen in the hack will affect your credit rating if it is used by the hackers. Did they hack themselves?
-
Credit monitoring is not credit fixing if the hack causes you problems.
No ****! The monitoring is so that you can see if there's an issue. It's awful hard to fix an issue that you don't know exists, don't you think?
That's funny... send the info that the hackers want to a credit monitoring company that just got hacked so they can tell you if the info that was stolen in the hack will affect your credit rating if it is used by the hackers. Did they hack themselves?
Yep, they hacked themselves so that they can get info that they already have and so that you can send your info in to them that they also already have. ::)
-
:yikes: :deadhorse: :loco: :nuts:
-
Wow, looks like The Dickhead pissed in somebodies Wheaties. Here's a hand full of smilies, winkies and nanas to brighten your day.... :) :) :) ;) ;) ;) :banana :banana :banana
-
"The company suggests you sign up for credit file monitoring and identity theft protection. It is providing free service for one year through TrustedID Premier -- whether or not you've been affected by the breach."
Standard practice for building your business: Give potential customers a "free" trial.
Is Equifax a piece of s**t company?
-
"Credit monitoring" is not only pretty much useless, it is a scam to try and get people to sign-up for a very profitable service. Most of them have draconian "auto-renewal" after the "free trial" or "free year" and they count on people forgetting to cancel and or being scared. The services can't and don't stop any abuse, but just allow you to SEE what is on your credit report and some will attempt to notify you when it is accessed. Both require you to take quick action, do something, fight things, etc.
If you really want to protect your identity and credit, then it requires "locking" or "freezing" your credit reports. That didn't used to be possible, but now it is. But rather than making it easy and centralized, one has to enroll/setup AND pay about $10 to each of the 3 agencies.
http://clark.com/personal-finance-credit/credit-freeze-and-thaw-guide/ (http://clark.com/personal-finance-credit/credit-freeze-and-thaw-guide/)
Of course, you then have "thaw" them if you ever apply for credit or need your credit score checked by any company that requires a credit check before opening an account or doing business. That even means things that have NOTHING to do with opening a new line of credit, for example: enrolling in cell phone service, opening a bank account, being hired by some employers, getting certain types of licenses, getting utilities turned on (water/electric/gas), etc.
-
If you really want to protect your identity and credit, ...
I don't believe there is a 100% sure fire way to do that.
Unfortunately it seems the best anybody could do is deal in all cash, no cards, no credit, no electronic anything. And if you could somehow separate from having a SS number. You know, like an illegal immigrant.
-
There's another aspect to it - be part of a class action lawsuit.
My data were stolen as part of the Anthem breach not quite 3 years ago. The @#$#birds filed a bogus income tax report to IRS, and when I came along 3 months after that and filed the real return, IRS rejected it. It didn't take long to get all that straightened out with IRS (I had to pay a little bit of money that year and did not expect a refund) but the class action lawsuit will rip a few million $$ out of Anthem for having extremely lax security measures that allowed the hackers free rein.
Of course it takes years for the lawsuit to come about, as it will in the next couple of months for the Anthem debacle.
-
I don't believe there is a 100% sure fire way to do that.
There isn't, but it is probably the most effective thing any of us could do (in addition to following common-sense stuff).
Unfortunately it seems the best anybody could do is deal in all cash, no cards, no credit, no electronic anything. And if you could somehow separate from having a SS number. You know, like an illegal immigrant.
Well, that is a world where you couldn't hardly buy anything, live anywhere, or work anywhere. Might be too difficult for most.
-
"equifaxsecurity2017.com site is completely broken at best, and little more than a stalling tactic or sham at worst. In the early hours after the breach announcement, the site was being flagged by various browsers as a phishing threat. In some cases, people visiting the site were told they were not affected, only to find they received a different answer when they checked the site with the same information on their mobile phones. It's clear Equifax's goal isn't to protect the consumer or bring them vital information. It's to get you to sign up for its revenue-generating product TrustID."
https://krebsonsecurity.com/2017/09/equifax-breach-response-turns-dumpster-fire/
-
"equifaxsecurity2017.com site is completely broken at best, and little more than a stalling tactic or sham at worst. In the early hours after the breach announcement, the site was being flagged by various browsers as a phishing threat. In some cases, people visiting the site were told they were not affected, only to find they received a different answer when they checked the site with the same information on their mobile phones. It's clear Equifax's goal isn't to protect the consumer or bring them vital information. It's to get you to sign up for its revenue-generating product TrustID."
https://krebsonsecurity.com/2017/09/equifax-breach-response-turns-dumpster-fire/
::) 8)
-
"equifaxsecurity2017.com site is completely broken at best, and little more than a stalling tactic or sham at worst. In the early hours after the breach announcement, the site was being flagged by various browsers as a phishing threat. In some cases, people visiting the site were told they were not affected, only to find they received a different answer when they checked the site with the same information on their mobile phones. It's clear Equifax's goal isn't to protect the consumer or bring them vital information. It's to get you to sign up for its revenue-generating product TrustID."
https://krebsonsecurity.com/2017/09/equifax-breach-response-turns-dumpster-fire/
Excellent find, Max. Thanks for posting.
-
"Credit monitoring" is not only pretty much useless, it is a scam to try and get people to sign-up for a very profitable service. Most of them have draconian "auto-renewal" after the "free trial" or "free year" and they count on people forgetting to cancel and or being scared. The services can't and don't stop any abuse, but just allow you to SEE what is on your credit report and some will attempt to notify you when it is accessed. Both require you to take quick action, do something, fight things, etc.
If you really want to protect your identity and credit, then it requires "locking" or "freezing" your credit reports. That didn't used to be possible, but now it is. But rather than making it easy and centralized, one has to enroll/setup AND pay about $10 to each of the 3 agencies.
http://clark.com/personal-finance-credit/credit-freeze-and-thaw-guide/ (http://clark.com/personal-finance-credit/credit-freeze-and-thaw-guide/)
Of course, you then have "thaw" them if you ever apply for credit or need your credit score checked by any company that requires a credit check before opening an account or doing business. That even means things that have NOTHING to do with opening a new line of credit, for example: enrolling in cell phone service, opening a bank account, being hired by some employers, getting certain types of licenses, getting utilities turned on (water/electric/gas), etc.
And don't forget, if you have a security freeze (credit freeze) applied to your accounts after paying the fee and then you need to 'thaw' your accounts for whatever reason, you'll have to pay the fee all over again to have them frozen.
That said, I'll be freezing all my accounts this week.
There's some good info here. http://money.cnn.com/2017/09/09/pf/what-to-do-equifax-hack/index.html (http://money.cnn.com/2017/09/09/pf/what-to-do-equifax-hack/index.html)
-
And don't forget, if you have a security freeze (credit freeze) applied to your accounts after paying the fee and then you need to 'thaw' your accounts for whatever reason, you'll have to pay the fee all over again to have them frozen.
Actually, I checked two of the agencies and neither (in VA anyway) have fees to temporarily or permanently unfreeze. So check it closely. In 3 [stupid] States, the freeze only lasts 7 years, in the others, "forever." $30 to freeze doesn't seem that bad if it is just a one-time expense.
That said, I'll be freezing all my accounts this week.
I will admit I have not done so, although I probably should.
-
I just tried to get my credit reports online from this site, https://www.annualcreditreport.com/index.action (https://www.annualcreditreport.com/index.action)
You're supposed to be able to get access to all three of your reports via the above site. Once you enter your personal info they ask you for some additional identifiers. Questions like license plate numbers or where were you living in 2001. I was able to get only one report because the other two agencies apparently have incorrect info listed for me. Catch 22.
It seems that I was living in another state back in 2001, who knew? Somehow they crossed my oldest son's records with mine.
-
[/quote]
http://wccftech.com/equifax-breach-victims-phishing-site/ (http://wccftech.com/equifax-breach-victims-phishing-site/)
https://gizmodo.com/equifax-has-been-sending-consumers-to-a-fake-phishing-s-1818588764 (https://gizmodo.com/equifax-has-been-sending-consumers-to-a-fake-phishing-s-1818588764)
etc... 8)
-
The original URL in the articles this thread pointed to are correct/real. The problem is that it is a stupid, stupid, stupid domain name and LOOKS fake and it is easy for scammers to then register other variants of that name to fool people.
They should have used ONLY the main equifax.com domain like this: https://equifax.com/security2017
-
shoulda coulda woulda
-
Budda
-
And don't forget, if you have a security freeze (credit freeze) applied to your accounts after paying the fee and then you need to 'thaw' your accounts for whatever reason, you'll have to pay the fee all over again to have them frozen.
That said, I'll be freezing all my accounts this week.
There's some good info here. http://money.cnn.com/2017/09/09/pf/what-to-do-equifax-hack/index.html (http://money.cnn.com/2017/09/09/pf/what-to-do-equifax-hack/index.html)
Let us know if you are successful. I have only been able to get endless waits on the phone and data transfer failures from the online setup pages.
-
Let us know if you are successful. I have only been able to get endless waits on the phone and data transfer failures from the online setup pages.
Makes one wonder if the demand for such service is overwhelming now, or if they are being intentionally uncooperative....
-
And now to add to the continued drama:
Experian makes it easy to undo a credit freeze, resetting a subject's PIN through an easily accessible account recovery page. That page only asks for a person's name, address, date of birth, and Social Security number...data [that] was compromised in the Equifax breach, as well as other breaches, so we can probably assume hackers possess this information. After entering that data, attackers then just have to enter an email address -- any email -- and answer a few security questions.
https://krebsonsecurity.com/2017/09/experian-site-can-give-anyone-your-credit-freeze-pin
-
And now to add to the continued drama:
Experian makes it easy to undo a credit freeze, resetting a subject's PIN through an easily accessible account recovery page. That page only asks for a person's name, address, date of birth, and Social Security number...data [that] was compromised in the Equifax breach, as well as other breaches, so we can probably assume hackers possess this information. After entering that data, attackers then just have to enter an email address -- any email -- and answer a few security questions.
https://krebsonsecurity.com/2017/09/experian-site-can-give-anyone-your-credit-freeze-pin
Nice! :o
I guess if the hackers have all the info they need to do this it won't hurt to put a credit freeze in place anyways. It'll just be another step that the hackers need to go through to take your identity. Anything that slows them down is good, makes em look to someone else that doesn't have a freeze in place at least.
-
Nice! :o
I guess if the hackers have all the info they need to do this it won't hurt to put a credit freeze in place anyways. It'll just be another step that the hackers need to go through to take your identity. Anything that slows them down is good, makes em look to someone else that doesn't have a freeze in place at least.
Well, Equifax claims they ask other questions not in the data leak and check other information before resetting a PIN. Hmm. Plus, this is only Equifax and not the other two credit agencies. I wouldn't want to imply that locking is not a good idea, it is, I just thought it interesting that they don't seem to learn their lesson.
-
Well, Equifax claims they ask other questions not in the data leak and check other information before resetting a PIN. Hmm. Plus, this is only Equifax and not the other two credit agencies. I wouldn't want to imply that locking is not a good idea, it is, I just thought it interesting that they don't seem to learn their lesson.
I haven't done the freeze yet but I am this week. My understanding of the freeze is that one only has to have a freeze put in place by one of the credit reporting agencies and that once that is done that the other two agencies will be notified and they will freeze your credit with them as well. At least that's the way it's supposed to work...
-
Might check on that, C. Some of what I've read says you have to contact all three agencies. Conflicting information, go figure. ::)
-
Yeah, what I read said you have to do all three individually
-
Maybe I'm too cynical, but since the thieves were able to steal data before, I must assume they'll be able to again, even with new layers.
I guess my question is like asking, 'Why bother locking your doors?' ... but the identity data theft feels pretty hopeless. I find myself anticipating logging in to my investment account and seeing a balance of $0. Or learning that my house is no longer my house.
-
Might check on that, C. Some of what I've read says you have to contact all three agencies. Conflicting information, go figure. ::)
Yeah, what I read said you have to do all three individually
Yep, you two are right. The process has to be repeated for each agency.
I did sign up for the Equifax monitoring and at their website you can lock and unlock your credit report with the click of a mouse. Now Equifax says that it's going to allow customers to lock and unlock for free and for life.
-
Maybe I'm too cynical, but since the thieves were able to steal data before, I must assume they'll be able to again, even with new layers.
I guess my question is like asking, 'Why bother locking your doors?' ... but the identity data theft feels pretty hopeless. I find myself anticipating logging in to my investment account and seeing a balance of $0. Or learning that my house is no longer my house.
Why bother? It's better to do something about this than nothing, don't you think?
I was also worried about our investment accounts. I contacted our advisor about this and he said not to worry. Noting can be done with our accounts without a signature and some paperwork.
-
Liz Weston: Equifax just changed the rest of your life (from https://finance.yahoo.com/news/liz-weston-equifax-just-changed-135415381.html)
Adding freezes to your credit reports is an appropriate response to the massive Equifax database breach that exposed the private information of 143 million Americans.
Don't make the mistake of thinking those freezes will keep you safe, however.
Credit freezes lock down your credit reports in a way that should prevent "new account fraud," or bogus accounts being opened in your name. But there are so many other ways the bad guys can use the information they stole, which included Social Security numbers, birthdates, addresses and some driver's license numbers. Others include:
—Stealing your tax refund and preventing you from filing returns by submitting fake ones
—Using your information to get health care, which can result not only in medical collections on your credit reports but a stranger's health information getting mixed in with your records
—Giving your identification to the police when they get arrested, creating criminal records that could land you in jail or prevent you from getting a job
—Filing for bankruptcy in your name or transferring deeds of property you own
You can't prevent any of these bad things from happening. The best you can do is remain as vigilant as you can and try to clear up the messes as they happen.
If you feel helpless, there's a good reason for that: You are.
THEFT AND RUIN, DONE IN YOUR NAME
"Equifax just signed you up for a lifetime game of Whack-A-Mole," says Leslie Beck, a certified financial planner in Rutherford, New Jersey.
Beck's husband, Mark, is an investment consultant who's been the repeated victim of identity theft after his wallet was stolen in 1999. Shutting down bogus credit accounts — freezes weren't available back then — was just the start. One thief used Mark Beck's name to commit insurance fraud by staging phony car accidents. Another was arrested for public urination, creating an outstanding warrant in Mark Beck's name that could have cost him his job.
The last incident was in 2007, but the Becks say they're still on high alert. "I never feel safe anymore," Mark Beck says.
The Becks' world is our world now. We need to scan every piece of mail and junk mail, looking for unfamiliar names that could indicate someone is trying to take over our accounts. We need to obsessively check our bank statements, credit card bills and credit reports for unauthorized activity. We need to hold our breath every time we apply for a job or get stopped by a cop, lest someone else's misdeeds derail our lives.
We need to pay the price, in other words, because a private company couldn't be bothered to invest adequately in the security that might have protected us.
CONGRESS, FORBID THE USE OF SOCIAL SECURITY NUMBERS
There's one thing Congress can and should do to mitigate the damage.
It's not making freezes free, although that would be nice. It typically costs $3 to $10 at each of the three bureaus to freeze your report, plus $2 to $10 to lift the freeze temporarily if you want new credit — or a job, or insurance, or an apartment, or cell service, or any of the other reasons companies have to check your report. The idea that you have to pay to protect your own information, which was gathered and bartered without your consent, is outrageous.
Congress also is not requiring the bureaus to offer free credit monitoring for life — although that, too, would help, since that can alert you to bogus credit accounts and help you clear up the damage.
What Congress should do is to forbid private companies and government agencies, except for Social Security, from using Social Security numbers as an all-purpose identifier. We wouldn't be so vulnerable to so many frauds if those digits were limited to their original purpose of earning and receiving retirement and disability benefits.
The cost of switching away from Social Security numbers would be huge. The good news: Much of that expense would be borne by the companies that have been profiting from using our data in the first place.
WHAT YOU CAN DO NOW
—Get your credit reports from the three major bureaus and look for accounts you don't recognize. Here's how to use AnnualCreditReport.com ; you can check each bureau once a year.
—Sign up for a free credit report service that you can access more frequently. It will alert you to new accounts, changes in your score or new negative items.
—Freeze your credit reports as soon as possible with each of the three major credit bureaus to prevent scammers from opening new accounts. If a freeze is inconvenient or unavailable, set fraud alerts on your reports.
—Stay vigilant. As long as your Social Security number is the key to your identity, you'll need to be on guard. That's our life now, thanks to Equifax.
-
We, my wife and I, both together and individually, have been defrauded so many times now it is the new normal. In fact I had a credit card company call Sat. and ask about what they thought was unusual activity; sure enough, two fraudulent charges on the card, with one being at an Apple store (many of my C.C. fraudulent charges have been at the Apple store- go figure). I have no idea if my data was kicked loose in this Equifax data loss or not and honestly, do not care.
I have been 'clipped' a bunch of times, all the way up to and including multiple filings with the IRS (I only do that once a year) twice so far.
I have taken steps to keep the amount of money available for any type of transfer or immediate use small, and have opened other accounts with no electronic access. Most money is there, with a small amount of working capital available and possibly exposed to fraud and theft. Of course that does not prevent fraud but it does limit the amount, which I think is a huge step in the right direction.
Otherwise, it has not cost me one penny, at least not so far, and all fraudulent charges have been removed immediately.
I am not suggesting that others do this, just mentioning my own experience.
Brian
Why bother? It's better to do something about this than nothing, don't you think?
I was also worried about our investment accounts. I contacted our advisor about this and he said not to worry. Noting can be done with our accounts without a signature and some paperwork.
-
What Congress should do is to forbid private companies and government agencies, except for Social Security, from using Social Security numbers as an all-purpose identifier.
The sad part is that it was KNOWN at the time of the creation of the SSN that it would be abused, and protections were put in place at the time, but only against government abuse. People failed at the time to see that big business is just as much a thread to security and freedom as government. https://freedom-school.com/citizenship/use-of-social-security-numbers.pdf
There has been this wild assumption that somehow the SSN is, was, and would remain "secret". It never has been, and never should have been considered to be. That was problem #1. Problem #2 was that SSN was used as a universal ID, and any such number is and always will be a threat to privacy and freedom because it allows easy sharing and linking of information in databases. Problem #3 is the wrong assumption that SSN is absolutely correct and unique. The whole "credit reporting" was designed around SSN and thus just about ANY company can use a credit check as an excuse to force getting the number, EVEN WHEN IT HAS NOTHING TO DO WITH CREDIT, because they can say they must report your payment history to credit agencies. Add in employer requirements, tax requirements, welfare, Medicare, military, and it is nearly impossible for things not to have gone crazy stupid. For years VA put the damn SSN on my DRIVER'S LICENSE! I had to drill through it on the card to make sure people checking for ID couldn't just copy it without my permission.... until VA finally gave us an opt out... and then much later removed it completely by default.
And you know what businesses seem to be trying to use as a replacement for SSN now (or at least augment it)? Your freaking cell phone number! Every company is trying desperately to require people to get and force people to give them their cell number and use that as an ID. I call Cox and get asked it every time. When I try to say no, and here is my ACCOUNT NUMBER, they treat me like I am insane. Same thing with the power company, the gas company, etc.
Now wait for biometrics- collection of fingerprints and DNA will be the next major huge violation of civil liberties and abused on a scale we can hardly even imagine. Not just because you can't change them, but because you leave them all over the place, so it will be the least "secret" and most damaging way of tracking and searching without probable cause. Don't even get me started!!
-
So, I guess we can take it you will not be getting the biochip implant?
-
So, I guess we can take it you will not be getting the biochip implant?
That is a good assumption
-
Over here in he UK everyone is issued a NI (National Insurance ) number at the age of 16 however its not routinely used as an Identifier when applying for anything. (In fact I can honestly say I've never had to use it when applying for any credit/loans and actually would probably walk away from any company that did ask for it)
Typically the only people who ask for it are your employer for tax purposes although it is also used to validate your entitlement to vote and as a checksum for checking your Driving Licence(which has its own number) details online.
Cedit /loan companies used to like asking for Landline numbers although thats slowly being replaced by making mobile numbers/email addresses a compulsory field.
If you're applying for something physically then you normally have to take in 3 items from an approved list of documentation (eg utility bills, bank statements etc)
-
Just got a flash from my local paper. Evidently, one the the thieves called one of the IDs stolen from Equifax. He called the number and gave out a story the person answering the phone had been served with a subpoena from a law enforcement agency and he needed to wire some money so he would not get arrested. Turns out the person answering was a police officer at the station he was supposedly gong to get hit with a warrant from.
Latest news is that EVERY Equifax account may have been hacked.
-
Over here in he UK everyone is issued a NI (National Insurance ) number at the age of 16 however its not routinely used as an Identifier when applying for anything. (In fact I can honestly say I've never had to use it when applying for any credit/loans and actually would probably walk away from any company that did ask for it)
Interesting...
I dug out my original SSN card from the mid/late sixties (boy has my signature has changed!). Printed on the bottom of the card is:
"FOR SOCIAL SECURITY AND TAX PURPOSES-NOT FOR IDENTIFICATION".
So where did we (user or vendor) screw this minor detail up?
Of note, I've run across one/more forms where I have the option of NOT using my SSN for ID. The FAA comes to mind.
Also of note, our SSN is just a number on a cheesy card. No finger print, no picture, no biometric data. And if asked, all I have to do is rattle off my SSN from memory. Vendors *NEVER* ask to see the card. And I have to assume the SS Administration will never verify my number/details outside their department. Except for maybe employment verification (applying for a job). There may be others... :-/
Rick
-
No problem the WhiteHouse (backed by Equifax) is planning to Nuke SSNs ;)
https://www.theregister.co.uk/2017/10/04/white_house_plans_to_ditch_social_security_numbers_as_ids/ (https://www.theregister.co.uk/2017/10/04/white_house_plans_to_ditch_social_security_numbers_as_ids/)
Oooh and did any one mention that Equifax have won a contract to process yuor Tax returns?
https://www.theregister.co.uk/2017/10/03/equifax_irs_contract/ (https://www.theregister.co.uk/2017/10/03/equifax_irs_contract/)
-
No problem the WhiteHouse (backed by Equifax) is planning to Nuke SSNs ;)
https://www.theregister.co.uk/2017/10/04/white_house_plans_to_ditch_social_security_numbers_as_ids/ (https://www.theregister.co.uk/2017/10/04/white_house_plans_to_ditch_social_security_numbers_as_ids/)
Oooh and did any one mention that Equifax have won a contract to process yuor Tax returns?
https://www.theregister.co.uk/2017/10/03/equifax_irs_contract/ (https://www.theregister.co.uk/2017/10/03/equifax_irs_contract/)
Yep, saw both yesterday. The IRS deal was already "done" before the whole disaster, but isn't that just insane? Even with a binding contract, perhaps there is a way out of it with some legal magic. Congress is pissed.
-
Congress doesn't give a **** unless their names got released. Usual dog and pony show for public consumption.
-
...
Also of note, our SSN is just a number on a cheesy card. No finger print, no picture, no biometric data. ...
Start asking for those to be required and you'll be labeled a racist.
-
Start asking for those to be required and you'll be labeled a racist.
Or insane.
-
Just a "slightly revised" estimate on the number of UK residents impacted
https://www.theregister.co.uk/2017/10/10/equifax_uk_records_update/ (https://www.theregister.co.uk/2017/10/10/equifax_uk_records_update/)
-
Depending on when your SS Card was issued, it will have different text on the front. I have one of the old ones also that says "Not for Identification". But that language was later deleted from the card.
https://www.ssa.gov/history/ssn/ssnversions.html (https://www.ssa.gov/history/ssn/ssnversions.html)
When I got my A&P license in 1975, the license number as issued by the FAA was your Soc Sec #. So.......for about 25 years, until the reg's changed, every logbook, squawk sheet, or work order I signed had my Soc Sec # followed by my signature. So....THOUSANDS of people have access to my # and signature. Later, you could get a new license with new number, which I did.
Some years ago when I got a job that required a security clearance, I gave all my documents, driver's license, birth certificate, resume, etc., to the security officer at the new job and she FAXed it to the company that does the clearance research. She hit the "SEND" button on the FAX machine, and then said, "Oops. Oh, crap." Or words to that effect. Seems she sent it to the wrong number. I said, "So...you just FAXed my ENTIRE IDENTITY to some unknown location????????!?!?!?!?!?"
It ultimately didn't matter since a few years ago, the Chinese hacked the gov't and they got all of the data for all of the people with security clearances, anyway.
No one is safe. NO ONE.
The way we as a society SHOULD have fought the Soc Sec# as ID was to have just refused to provide it to anyone but the IRS or Soc Sec Administration. But those days are gone and it's too late now.