Researchers Use Facebook and Other Social Network Data to Hack Social Security Numbers - 2,288 Views,

Summary: As online society becomes ever more social, and cares ever less about personal security, the phrase "social security" seems more than ever an oxymoron. Perhaps nowhere is this more clearly brought home than in this week's announcement by researchers at Carnegie Mellon that they have cracked the social security code, and were able to predict with frightening accuracy many social sercurity numbers (SSN). In many cases, their hack was aided by information gleaned from such social networking sites as Facebook.
Most Recent Searches that Led to This Page: can a facebook hacker get my social security number, facebook social security number, how can we use facebook on other websites, how to hack ssn, related:www ssdanswers com/2009/07/11/can-your-facebook-profile-hurt-your-social-security-disability-case/ disability problems facebook, social security facebook

Previous Article « New Cell Phone Watch Phone Goes on Sale
Read Next Article » Positive Recommendations on LinkedIn Used in Lawsuits Against the Recommender

Advertisers! Help support the Internet Patrol, and keep it free for the quarter of a million people who read it
each month! Want to see your ad on this page on The Internet Patrol, in this very spot? Email us here!

As online society becomes ever more social, and cares ever less about personal security, the phrase “social security” seems more than ever an oxymoron. Perhaps nowhere is this more clearly brought home than in this week’s announcement by researchers at Carnegie Mellon that they have cracked the social security code, and were able to predict with frightening accuracy many social security numbers (SSNs). In many cases, their hack was aided by information gleaned from such social networking sites as Facebook.

As online society becomes ever more social, and cares ever less about personal security, the phrase 'social security' seems more than ever an oxymoron.

Alessandro Acquisti and Ralph Gross undertook the research to determine just how “secure” social security numbers are. Not surprisingly, they found that with just a little bit of information that in times earlier would have been considered very private, and not readily available, they were able to guess the first five digits in someone’s social security number on the very first attempt nearly half of the time, and they were able to get the full social security number nearly 10% of the time in under 1000 attempts.

While 1000 tries to get a full SSN may sound like a lot - when you consider the guessing brute strength that most computers have nowadays, it’s really nothing. Especially for someone motivated by criminal intent.

Of course, it’s been known for ages that where you are born determines the first few digits of your SSN. If you are born on the very eastern part of the east coast of the U.S., your SSN will start with 0, while if you are born in the very western part of the western U.S., your social security number will start with 9 or 8.

While that was well-known, what wasn’t so well-known was that the algorithm for generating social security numbers includes your date of birth.

Acquisti and Gross started by using the Social Security Administration’s “Death Master File” - which contains the SSNs of everyone who has died. The Death Master File is public information, primarily to ensure that the social security number of a deceased person isn’t misused by a criminal assuming the identity of the deceased.

Using the SSNs from the Death Master File, Acquisti and Gross were able to detect patterns in the assigning of the numbers.

They then turned to live people. Facebook, and similar social networking sites, provided a fertile ground. Many people on Facebook include their date of birth, along with their location, in their profile information.

Where someone was born, and the social security number was issued, in a smaller state, the accuracy rate was even higher than for those born in larger states.

Muses Acquisti, “I was surprised by the accuracy of certain predictions,” adding that “It’s good that we found it before the bad guys.”

The Social Security Administration is disputing these findings, issuing a statement that “there is no foolproof method for predicting a person’s Social Security number.” An administration spokesperson added that “The suggestion that Mr. Acquisti has cracked a code for predicting an SSN is a dramatic exaggeration.”

Still, said the spokesperson, “For reasons unrelated to this report [Ed note: Uh huh..], the agency has been developing a system to randomly assign SSNs. This system will be in place next year.”

Was this information helpful? If so, please leave us a review!

Previous Article « New Cell Phone Watch Phone Goes on Sale
Read Next Article » Positive Recommendations on LinkedIn Used in Lawsuits Against the Recommender

» Facebook Phone Now Available - the World’s First Social Networking Phone

» Facebook Joins Ranks of Sites Scraping Your Address Book and Spamming Your Contacts - This Time It’s AIM

» Google to Connect Friends Across Websites with Google Friend Connect

For additional similar stories check out our archives on Facebook, Privacy, Security, Social Networking

NOTE: We never, ever, ever will recommend any product or service on this site that we have not regularly used ourselves and do not wholeheartedly believe in. That said, in some cases after being very pleased with a product or service, we may enter into a relationship with the provider of that product or service such that if someone purchases that product or service based on our recommendation, we may get a small payment. Such payments go towards the upkeep of the Internet Patrol.