Carnegie Mellon Study Shows Crooks Can Use SS#s Without Stealing Them -- Rebecca Herold, The Privacy Professor, Explains Ramifications
Study proves social security numbers are easily guessed, and warns not to use them to verify identity or as passwords. World-renowned expert offers up tips and advice to help businesses avoid disaster in the wake of this report.
Des Moines, IA, July 11, 2009 --(PR.com)-- Because of the way that social security numbers are formed – and how readily the information used to form them can be found – it is comparatively easy for people to create valid social security numbers and use them for criminal purposes. Crooks don't have to steal social security numbers from businesses. People won't know crooks are using their social security numbers until after the crimes, and damage to credit reports, have taken place.
"Social security numbers were created for the purpose of tracking earnings and paying benefits," Herold explains. "They were never meant to be used by businesses as an identifier but have taken on that role because everyone has one, and so it was easy to do. Why create something new if there was already a unique ID available, right? At least that is what business leaders argued; after all, it saved them time and money."
This criminal activity can happen at organizations that depend upon social security numbers for identity validation and authentication, without anyone knowing until it's too late.
"The less that businesses depend upon social security numbers for account access, identity validation, authentication and other criteria, the safer we all will be," Herold says. "This study proves that."
Details of the Report:
http://esciencenews.com/articles/2009/07/06/carnegie.mellon.researchers.find.social.security.numbers.can.be.predicted
.with.public.information
The Privacy Professor’s Response And Recommendations:
http://www.realtime-itcompliance.com/information_security/2009/07/study_proves_ssns_are_easily_g.htm
http://www.realtime-itcompliance.com/information_security/2009/07/implications_of_the_cmu_ssn_st.htm
Contact:
Rebecca Herold, The Privacy Professor
Office: 515-996-2199
Mobile: 515-491-1564
Email: rebeccaherold@rebeccaherold.com
www.privacyprofessor.com
###
"Social security numbers were created for the purpose of tracking earnings and paying benefits," Herold explains. "They were never meant to be used by businesses as an identifier but have taken on that role because everyone has one, and so it was easy to do. Why create something new if there was already a unique ID available, right? At least that is what business leaders argued; after all, it saved them time and money."
This criminal activity can happen at organizations that depend upon social security numbers for identity validation and authentication, without anyone knowing until it's too late.
"The less that businesses depend upon social security numbers for account access, identity validation, authentication and other criteria, the safer we all will be," Herold says. "This study proves that."
Details of the Report:
http://esciencenews.com/articles/2009/07/06/carnegie.mellon.researchers.find.social.security.numbers.can.be.predicted
.with.public.information
The Privacy Professor’s Response And Recommendations:
http://www.realtime-itcompliance.com/information_security/2009/07/study_proves_ssns_are_easily_g.htm
http://www.realtime-itcompliance.com/information_security/2009/07/implications_of_the_cmu_ssn_st.htm
Contact:
Rebecca Herold, The Privacy Professor
Office: 515-996-2199
Mobile: 515-491-1564
Email: rebeccaherold@rebeccaherold.com
www.privacyprofessor.com
###
Contact
Rebecca Herold & Associates, LLC - The Privacy Professor
Rebecca Herold
515-491-1564
privacyprofessor.com
Contact
Rebecca Herold
515-491-1564
privacyprofessor.com
Categories