| Wednesday October 22nd 2014

Feedburner

Subscribe by email:

We promise not to spam/sell you.


Search Amazon deals:

Reverse-engineering SSNs from publicly available data


social securityComputer scientists at Carnegie Mellon University have figured out how to predict Social Security numbers from publicly accessible birth data with frightening accuracy. The researchers analyzed a public information source known as the “Death Master File,” which includes birth data and SSNs for people who have died. The scientists found that in many instances, if you know the date and state in which a person was born, you can deduce their SSN.

With just two attempts, the researchers correctly guessed the first five digits of SSNs for 60 percent of deceased Americans born between 1989 and 2003. With fewer than 1,000 attempts, they could identify the entire nine digits for 8.5 percent of the group.Social Security number cardThere’s only a few short steps between making a statistical prediction about a person’s SSN and verifying their actual number, Acquisti said. Through a process called “tumbling,” hackers can exploit instant online credit approval services — or even the Social Security Administration’s own verification database — to test multiple numbers until they find the right one. Although these services usually block users after several failed attempts, criminals can use networks of compromised computers called botnets to scan thousands of numbers at a time.

“A botnet can be programmed to try variations of a Social Security number to apply for an instant credit card,” Acquisti said. “In 60 seconds, these services tell you whether you are approved or not, so they can be abused to tell whether you’ve hit the right social security number.”


Predicting Social Security numbers from public data: Abstract (text) and full article (.pdf)

Source

Related Posts: On this day...

Reader Feedback

One Response to “Reverse-engineering SSNs from publicly available data”

  1. wwit says:

    Thank you- this information is very helpful!

Leave a Reply

You must be logged in to post a comment.