• solrize@lemmy.world
    link
    fedilink
    English
    arrow-up
    40
    arrow-down
    1
    ·
    3 months ago

    There are only 1 billion SSNs possible with 9 digits, and at most around 350M living people who have them (the US population). This breach is international but SSN is a US thing.

    • floofloof@lemmy.ca
      link
      fedilink
      English
      arrow-up
      7
      ·
      edit-2
      3 months ago

      And not all 9-digit numbers are used, so there are fewer than a billion. It sucks when organizations store them because the search space is so small it’s relatively easy to unhash them in a stolen database.

      • prime_number_314159@lemmy.world
        link
        fedilink
        English
        arrow-up
        6
        ·
        3 months ago

        A lot of businesses use the last 4 digits separately for some purposes, which means that even if it’s salted, you are only getting 110,000 total options, which is trivial to run through.

    • JohnEdwa
      link
      fedilink
      English
      arrow-up
      7
      arrow-down
      2
      ·
      edit-2
      3 months ago

      9 digit social security number specifically might be, but a unique number tied to you that is often used as identification when it really shouldn’t isn’t, it’s a shitshow that has been implemented in many countries around the world.
      The Finnish version was called an SSN originally for example, though now its a “henkilötunnus”, personal identity code.

      https://en.wikipedia.org/wiki/National_identification_number

    • catloaf@lemm.ee
      link
      fedilink
      English
      arrow-up
      2
      ·
      3 months ago

      Do TINs overlap with SSNs? Because businesses and non-citizen taxpayers have TINs instead of SSNs, but they’re used just the same.

      • solrize@lemmy.world
        link
        fedilink
        English
        arrow-up
        1
        ·
        3 months ago

        This I don’t know. I remember reading that around 70%(?) of SSNs have been allocated, and there are enough left for a few decades. No idea whether corporation TINs come from that. I believe non-citizen taxpayers get similar SSNs to citizens. IDK if they pay into social security and collect benefits the same way.