Soc Sec Number compromised on Dark Web?

[Midpack]

So we got this notice from Discover this weekend, and of course it was cause for some concern. Just me, not DW? Since I read an article that said 272 million people were involved in this hack in August, I figured others here might have seen this to. Interesting the article also said our Soc Sec numbers are already out there and being sold, so it's not possible to escape in today's digital world.

I went on to Experian and placed a fraud alert on the account. And I double checked that we had a freeze on our account, we did. Of course Experian offers a paid subscription service with more protection, not subscribed.

I checked AnnualCreditReport.com and it showed 4 potential incidents of fraudulent activity, but none at our current address, and 3 were years ago.

Several sites, Experian and Pentester, have offered to remove my information from the dark web at some cost. We're not sure if that's a good idea or not, a one time "clean" or ongoing, and if we can't see what they've done - of what value is it?

Just wondered if others had this lately.

 

[foxcreek9]

We got that too, at this point just about everyone's SSN is on the dark web. Keep your CRs locked and carryon.

Don't pay to "clean" the dark web, its a waste of money.

 

[38Chevy454]

I agree, that is nothing new. You probably had your SSN out there before this notice. I've had numerous breaches from hacking at companies and even US govt (thanks OPM ). Just stay vigilant and don't pay for anything. Credit monitoring is typically offered free when you have a breach.

 

[VanWinkle]

Freeze your credit at all of the Credit Bureaus and move on. Everyone's
SS #s have likely been exposed at some time. I keep an eye on my
accounts on a daily basis- it only takes a few minutes. I don't trust paying some stranger to look at them daily if I can do it myself.

 

[easysurfer]

A few months back, I got a notice from Discover also about my SSN being on the dark web. Discover does a monthly courtesy scan. In months that followed, I haven't got another on dark web notice.

My credit is already frozen on 2 and locked (long story) on the other credit bureau.

It's interesting that there is an offer to have info removed from the dark web. As, I assumed that once out there, good luck getting that removed. Now I wonder who does the process work (actually seems like a bit suspicious). Does a place like Experian contact the bad guys from these sweatshops and ask them to remove the SSNs? Now this is almost sounding like if you got to a fortune teller, the teller says there is a curse on you and for a price, the teller will remove the curse.

For me, I figure having information out there in the hacked world is a price of living in the digital age. I hope that credit freezes are enough to keep the bad guys away. I'm not sure paying someone to clean up is any more than a false sense of security.

I don't understand why my Discover dark web scan one month says my SSN is on dark web, then after that not other hits. Am I that unattractive?

 

[MichaelB]

I agree with the others saying it seems impossible to scrub or remove one’s information once it’s out there. Even if it were possible, there’s nothing to stop it from happening again, and again.

Best to freeze credit and monitor regularly.

 

[Jerry1]

I got that also. I don’t have my credit frozen but I do have a free service through my AAA insurance that monitors my credit file for activity. No activity has been reported. I also have the free Experian account and I check there - no activity.

I was struck by how old the data that was reported to be on the dark web was. It showed an address that we haven’t lived in for over 30 years.

 

[Sunset]

I have my credit frozen at the big 3 reporting agencies.
All 3 were super easy to temporarily unfreeze for 1 day while I applied for a CC, then the freezes go back on automatically.

IF the CC company would say which agency they used, I would have left the other 2 frozen.
Technically, I could have logged back into all 3 agencies after the CC approval and remove the temp unfreeze, but I figured the risk is small so didn't bother.

Yeah, I've seen my data is out on the dark web, probably copied hundreds of times all over, so no real way to erase it.

 

[aja8888]

I'm old enough to remember when your Medicare number was your Social Security number.......

 

[Al18]

I received an alert on my SSN last month. Confirmed my credit report was frozen at all 3 and put a fraud alert. I switched my SS to login.gov and recently purchased a Yubico security key for 2FA at login.gov.

 

[wdwwildbill]

Got the same thing from Discover yesterday too. Already have Cr's frozen Not much else we can do

 

[ivinsfan]

I'm guessing Discover card only has the SS of the primary card holder and not the spouse. I got a notice as well and the breach happened last Spring so not a very timely notification. Also Discover is pushing hard for me to signup for an enhanced paid version of "monitor your identity". Discover has been pushing this hard for some time now. I assume it's a big money maker for them. I was sorting through some old paperwork and found a check blank that had both my DH and mine SS numbers printed directly in the address space. I laughed out loud at that.

 

[GrayHare]

Simply demonstrates how desperate Discover is. Their CEO position has been a revolving door after the last long-term CEO was forced out for wrongdoing. The Feds are looking for a shotgun wedding partner so as to avoid a taxpayer-funded bailout. Sure glad I don't have any $ with them, much less anything beyond the FDIC limit.

 

[N02L84ER]

I got this notification this morning.

 

[gauss]

Freeze your credit at all of the Credit Bureaus and move on. Everyone's
SS #s have likely been exposed at some time. I keep an eye on my
accounts on a daily basis- it only takes a few minutes. I don't trust paying some stranger to look at them daily if I can do it myself.

+1
I use to worry about Identity Theft 20 years ago or so. Then I became aware of the newly minted Credit Freezes at the credit bureaus from a Fraud consultant.

Once I put my freezes into effect (you had to pay back then), I have slept much better ever since.

-gauss

 

[GenXguy]

Another thread about this? Just had one a few months back about this specific data breach:

Massive Data Breach

My data is out there from the massive data breach. We are talking about, name, SSN, DOB and the goodies the criminals want :(. Billions in personal information records may have been exposed in an April data breach, a recent lawsuit has alleged, prompting warnings from identity experts...

www.early-retirement.org

In addition to freezing my credit at all 3 major credit rating agencies years ago, I took the extra step of setting up an IRS tax PIN (I already had one for state tax). This will prevent someone else filing under your name when tax season begins and getting a return at your expense before you have all the info you need to file yourself.

I had placed a fraud alert in the past which has expired since they only last a year unless someone tries to use your information for a longer term fraud alert.

And one other thing I did in the last year was do an E-Verify SSN lock so that illegals couldn't use my SS number.

I know there's more you can do with LexisNexis and tighten up security in other ways like with TFA or passkey devices for sites that allow it, SIM lock on phones, and more, which have been discussed elsewhere on this forum.

As for monitoring, I only use a couple free monitoring services, which alerts me to this same data breach about a month after it was first announced. I also believe that once your information is out there, it is out there, and no one is going to remove it once it's in the hands of these people.

 

[Midpack]

Another thread about this? Just had one a few months back about this specific data breach:

We were notified this past Sunday.

 

[Rianne]

All three credit reports frozen for years. Say they use your SS # for whatever, don't they have to know an awful lot about you. Someone in FL tried to open a small business with DH credit card. CC company caught it fast, we filed a police report and have to file our taxes with a specific ID number every year. I'm guessing they can steal your SS retirement payments. I would definitely know if that was happening. Other than opening a line of credit, how does it hurt you? I may rue the day I asked this question.

 

[Sarah S]

I recently got the notice from experian. Already got it from discover and a comment that my info was also on 30 something sites. Experian offered to remove information from those 30 odd sites but stated it was impossible to remove anything from the dark web. I have my doubts about these 30. A few months ago a professional organization offered to scrub about 60 sites for free. They did 20 something and claimed to be working on the rest. Those are experian’s 30+ so I doubt they are easily removed. But I have everything frozen and locked and protected as best I can

 

[GenXguy]

I'm guessing they can steal your SS retirement payments. I would definitely know if that was happening.

I setup id.me and linked it to my SS at ssa.gov, but I found my original SS login still works. The original login does request getting a code by email, at least, but I don't see a way to disable the old login method completely. ssa.gov does allow you to setup an option where you have to answer a verifiable identity or financial question when you login.

I did read elsewhere that the old logins would be disabled later.

 

[frank05]

There are more credit agencies than the big three they are used for more specialized checks like cellular accounts. Go the Krebs on Security where he has a past article on all the credit agencies.

 

[Car-Guy]

I got such notices a couple of times over the past few months.

 

[harllee]

Everyone's SS number is on the dark web. You just have to freeze your credit etc,

 

[donheff]

Everyone's social security number is floating around out there. If you added the "major breaches" up, the total would be astronomical. Hell, my SSN used to be my driver's license number! We should have just adopted it as a universal identifier decades ago. Freeze your credit rating and do your best to secure your accounts. .

 

[jjbychko]

So we got this notice from Discover this weekend, and of course it was cause for some concern. Just me, not DW? Since I read an article that said 272 million people were involved in this hack in August, I figured others here might have seen this to. Interesting the article also said our Soc Sec numbers are already out there and being sold, so it's not possible to escape in today's digital world.

I went on to Experian and placed a fraud alert on the account. And I double checked that we had a freeze on our account, we did. Of course Experian offers a paid subscription service with more protection, not subscribed.

I checked AnnualCreditReport.com and it showed 4 potential incidents of fraudulent activity, but none at our current address, and 3 were years ago.

Several sites, Experian and Pentester, have offered to remove my information from the dark web at some cost. We're not sure if that's a good idea or not, a one time "clean" or ongoing, and if we can't see what they've done - of what value is it?

Just wondered if others had this lately.
View attachment 52971

Had the same notice and did the freeze just like you. I am not doing anything extra. Just make sure you have the various notifications turned on for all your cards (on-line purchase, exceed certain value ect ect).