Sadly, data breaches have become so common that every few weeks, reports of another massive hack circulate, as regular as clockwork. Their reach seems to be growing, too. In 2017, 143 million Americans had their personal data compromised through the Equifax breach. In 2018, the personal data of 500 million people was compromised in Marriott's cyber breach. Smaller breaches targeting customers of Target and Dunkin' Donuts have occurred as well.
Given the ubiquity of huge cybertheft incidents, folks who haven't yet been victimized may hold a false sense of security. But everyone is vulnerable, and without proper prevention methods in place, any perceived safety is misplaced. Data breaches have outright exposed Social Security numbers, and have revealed sensitive personal data including bank account numbers, credit card numbers, birthdays, and passport numbers, all of which can allow cyberthieves to get access to your Social Security number. And having your Social Security number exposed in a data breach is no joke.
Your Social Security number can, in turn, open access to multiple accounts, which become prey to cyberthieves. Social Security accounts are not the only coffers exposed. Any accounts with financial assets including bank accounts and brokerage accounts become vulnerable to fraudsters conducting cyber break-ins, and once they have your Social Security number, they can drain all your accounts.
If you are currently receiving Social Security benefits, cybercriminals with your Social Security number can divert your Social Security payments into their own pocket. They do this by setting up a falsified bank account, telling the Social Security Administration (SSA) that you changed banks, and then receiving your monthly checks instead of you.
If you are not yet receiving Social Security benefits, fraudsters posing as you can start claiming your benefits and taking the payments! All they have to do is direct the benefits to a home address and bank account that don't belong to you. This can go on for years, and the actual holder of the Social Security number is none the wiser until they need the benefits themselves. Once the person retires and files for benefits, they discover someone else has been drawing their benefits all along. Further, the burden of proof falls on you to prove you are the rightful recipient, and that you've been defrauded. This can take hours of relentless effort to rectify -- and in the meantime, you'll be without your rightful benefits.
Fortunately, there are several effective preventative solutions, so you can keep your private information protected in the first place. Take these three steps to protect your Social Security number from data breaches and hacks.
1. Monitor your accounts regularly
The best thing you can do to protect your Social Security number and financial accounts is to monitor all your financial accounts regularly. Know your assets. Know where they are and how much they are. Perhaps most crucially, be aware of every withdrawal taking place.
The blunt truth is, sometimes the only alert that Americans ever receive about a cybertheft taking place against them is through their own due diligence -- by spotting an unauthorized withdrawal on their account statements. The sooner you see it, the sooner you can alert your financial institution and start the process of getting your money back.
2. Know your Social Security account
The SSA provides annual statements of your retirement account once you've worked long enough to qualify for benefits. You should set up a free mySocialSecurity account and check it regularly. You want to know if someone suddenly tries to claim benefits on your account. Keeping all your statements and documentation will be essential if your Social Security account ever becomes compromised.
Since 2013, the SSA requires all beneficiaries to receive their benefit checks via direct deposit. This ensures as much safety as possible, but it's not an infallible system. All beneficiaries should know exactly when their Social Security check is deposited into their accounts each month, and if it doesn't arrive on time, they should alert the SSA.
3. Choose a strong password, but don't rely on it alone
Choosing a strong password is necessary for all your online accounts. It should be an unusual combination of letters, numbers, and special characters. Don't rely on your birthday or wedding anniversary, because cyberthieves know them too.
Don't try to be clever by disguising an ordinary password choice. "ji32k7au4a83" is a fairly common password, according to Gizmodo. Sounds like it would be complicated enough to baffle any cyberthief, right? But it's the words "mypassword" transliterated from Mandarin through a computer system. It's only a matter of time before it's as hackable as "password" and "123456," which are the most frequently compromised passwords in the English-speaking world.
Usually, advice on passwords is the first advice people get about protecting their data. We haven't put it first because while passwords are very important as a first line of defense, they're only a first line and a strong password doesn't make you invincible. It's becoming clear that many cyberthieves have little trouble getting around passwords when breaking into your accounts.
Choosing a password is somewhat like shutting your door to keep out thieves. You need to do it, but you must also be aware that the door needs to be locked and monitored. So be sure to start with monitoring your financial accounts and your Social Security account rather than relying solely on a password to keep you safe.