Thank you Americans for providing yet another great example to point to, when arguing that holding private data centrally will inevitably lead to it being stolen.

[–] DoctorButts@kbin.melroy.org 7 points 4 weeks ago (1 children)

If a vulnerability in a system exists, then eventually someone WILL try to exploit it.

[–] delirious_owl@discuss.online 1 points 4 weeks ago

wut. If no vulnerability exists, then someone will try to exploit it.

And a vulnerability exists. It just hasn't been discovered yet.

[–] Zier@fedia.io 18 points 4 weeks ago (1 children)

Maybe use the number for Social Security taxes & benefits only and stop tying everything else to it, which I believe is actually illegal.

[–] faede@mander.xyz 8 points 4 weeks ago

Yep, but it doesn't even stop the federal government itself from using it all over.

[–] cm0002@lemmy.world 17 points 4 weeks ago (2 children)

Easy, just have such terrible credit that it's basically worthless

Taps forehead

[–] andrew_bidlaw@sh.itjust.works 9 points 4 weeks ago

Make criminals feel pity.

[–] wreckedcarzz@lemmy.world 5 points 4 weeks ago (1 children)

I'm doing my part!

[–] InputZero@lemmy.ml 2 points 4 weeks ago

I'm doing my part!

[–] delirious_owl@discuss.online 14 points 4 weeks ago

In a system that requires you to give your private keys to the other person for authentication, you basically have to revoke and generate new credentials every time you auth.

So basically we need to get a new passport or drivers license or social security number after every time we take a photo of it or let someone else scan it.

So basically its impossible to protect yourself in this environment

[–] Trigger2_2000@sh.itjust.works 13 points 4 weeks ago (1 children)

They already have mine (multiple times); thanks US government/Experian/etc.

[–] delirious_owl@discuss.online 0 points 4 weeks ago

I don't think Experian was hacked. It was the other one.

[–] Trigger2_2000@sh.itjust.works 9 points 4 weeks ago

From several years ago Experian was.

AT&T helped share my info more recently also; so many breaches anymore.

[–] jordanlund@lemmy.world 8 points 4 weeks ago (1 children)

I mean, it is a limited data set of less than a billion numbers...

001-01-0000 to 728-99-9999

The area number (001) and group number (01) are also known quantites, so you can limit that set down greatly. 729 to 999 are not in use for example.

[–] GardenVarietyAnxiety@lemmy.world 3 points 4 weeks ago* (last edited 4 weeks ago) (1 children)

~~You're not wrong, but there are enough demographics encoded in one that they could probably match names to a lot of them, if they don't already have them, with some brokered (or stolen) data~~

Not as much data encoded as I thought. Just place of birth, but still. If you are able to get these paired with data, this could be very bad.

Or very good, depending on your opinion of the system 😜

[–] jordanlund@lemmy.world 4 points 4 weeks ago

Technically not place of birth, it's the zip code of the address when the SSN was requested, but yeah, close enough for government work! ;)

[–] GardenVarietyAnxiety@lemmy.world 3 points 4 weeks ago

This could be very painful for a lot of Americans, but if it makes them overhaul the system, it might be worth it.

https://www.youtube.com/watch?v=Erp8IAUouus