Social Security Numbers Can Be Guessed From Social Networking Sites
While we did not strategically plan the timing of this news with our recent podcast with Jim Harvey and the post on social networks and employers, Carnegie Mellon University’s recent study that found that Social Security numbers can be guessed by using information found on social networks such as Facebook and MySpace fits into our recent theme of social networks and privacy/identity theft.
An economist and computer scientist at Carnegie Mellon’s Heinz School of Public Policy and Management in Pittsburgh used records from the Social Security Administration’s Death Master File to search for statistical patterns in the Social Security numbers of people. They obtained birth data from voter registration lists, online white pages, social networking sites and other sources.
We all knew that it was pretty easy to guess social security numbers and this study further proves this. The Social Security Administration told Bloomberg News that it is developing a system for randomly assigning new numbers and expects to unveil it next year. In addition, at least 25 states have enacted laws to restrict the use of Social Security numbers on public documents. Perhaps the other 25 should consider this law??
.gif)
Facebook
LinkedIn
Twitter
From Linked-In:
You know, I’m somewhat surprised at how shocked the rest of the community seems to be. Many of us knew about this and other number schemes and have known about it for a while. Here are a good examples: http://www.highprogrammer.com/alan/numbers/index.html , http://cpsr.org/issues/privacy/SSNStructure/ , http://privacy.cs.cmu.edu/dataprivacy/projects/ssnwatch/
From Linked-In:
When you read the details, the predominant headlines for this story are highly misleading. The accuracy isn’t all that great for getting all 9 digits correct, and the bot-driven process for overcoming the lack of accuracy suggests to me that there are more efficient ways of collecting and (mis)using SSNs. Not that fraudsters wouldn’t use this or other methods available to them, but I think most folks saw the headline and reacted without getting the full picture.