OMB Website Exposes Thousands of SSNs

msblack writes "The New York Times is reporting that an Office of Management and Budget website accidentally exposed at least 30,000 social security numbers publicly online. As many as 100,000 to 150,000 individuals may have been affected. The cost to taxpayers just for notifications and credit monitoring is estimated to run $4 million. 'While there was no evidence to indicate whether anyone had in fact used the information improperly, officials at the Agriculture Department and the Census Bureau removed the Social Security numbers from the Census Web site last week. Officials at the Agriculture Department said Social Security numbers were included in the public database because doing so was the common practice years ago when the database was first created, before online identity theft was as well-known a threat as it is today. '"

Re:What is SSN?

[MarkPNeyer]

Every American citizen is issued a "social security number." Social Security is a "retirement" program instituted by the American government to provide for its citizens when they retire. The numbers are now used largely to identify citizens by banks, schools, hospitals, and many other organizations. If you have someone else's social security number and driver's license, you can most likely apply for a line of credit in their name.

It's basically a combination user-id and password which is transmitted in plain text. Very stupid.

Re:30k for 150k people? Huh?

[DragonWriter]

So 30,000 SS#'s were exposed, and 150k people might be in trouble?

The person who noticed the SSNs were available identified approximately 30,000 records with SSNs (not sure if that corresponds to 30,000 SSNs, or more -- because each record might have more than one -- or less, because there might be dupes.)

The subsequent review by the Agriculture Department suggested 100,000 to 150,000 people may have been affected, which I would assume reflects the range of social security numbers that may have been exposed.

Re:The third time it's enemy action.

[lawpoop]

A chart of personal data stolen from laptops from government organizations, schools, and corporations. [waynemadsenreport.com]

Re:semi-secret number bad tool for ID

[Kattspya]

I don't get this either. To me it looks like identity theft is mostly an north American problem. In Sweden we've got personal identification numbers that are used in all dealings with the state and sometimes when dealing with banks etc. It's your birth date followed by four digits and the last digits signifies male of female by being even or uneven. I haven't ever heard of any identity theft cases reported in the media. They may happen but they're not on the news or anywhere else.

I've seen a lot of ID-theft reported on different US sites and TV programs but I still don't get how it's possible. If someone issues a loan to a con man it should be their loss entirely and should be easily fixable. I cannot understand how this is an issue.

Can someone please tell me how this can me more than a small nuisance (i.e. that's not me fix it now please)?

Re:30,000 SS numbers?

[notshannon]

from http://www.ssa.gov/history/briefhistory3.html [ssa.gov]

Although, John Sweeney received the first SSN account, his was not the lowest number ever issued. That distinction fell to New Hampshire resident, Grace Dorothy Owen. Ms. Owen received number 001-01-0001.