Has your SSN been found on the dark web? Here’s what to do

How to check if your SSN is on the dark web

One way to find out if your SSN or other personally identifiable information is on the dark web is to keep an eye on services tied to it. Even if an SSN data breach goes unreported, you can use dark web monitoring services that track if any of your sensitive information is compromised. Some dark web scanning tools are available for free. However, they might only check a limited amount of information in select databases.

If a service you use experiences a data breach, they are legally obliged to issue an official notice informing affected customers on how to proceed. You might also get a fraud alert from your insurance or credit provider warning you that it has detected irregular account activity. In this instance, check the reports on relevant portals yourself and, if the concerns over suspicious activity are true, take steps to restrict or shut down access to such services.

For more thorough and continuous monitoring, you can opt for a premium service like NordProtect. Its 24/7 automatic dark web monitoring keeps track of your personal information, including your email address, phone number, and SSN, in breached databases, marketplaces, chatrooms, and forums. As soon as it detects breached data, it notifies you, letting you quickly react and protect yourself online.

Immediate steps to take if your SSN is on the dark web

If you know that your SSN has been breached, you need to take steps to protect your identity immediately.

Check bank statements and freeze your credit

Your Social Security number is directly tied to any credit account you open, and you need it to access your credit score and statements. Unsurprisingly, financial fraud and credit information theft are among the most common crimes related to SSN theft. Using your financial and Social Security information, cybercriminals can take out loans, open new lines of credit, claim your tax returns, or submit false insurance claims.

Check your bank statements for irregular purchases or unknown deposits and withdrawals. Payments from foreign countries made at odd hours might also point to unauthorized access and illegal banking activity. If you notice suspicious payments, contact your bank and freeze your cards. 

If you suspect that your SSN has been compromised, you can get free credit reports to enable you to spot suspicious activity.  You can then request a credit freeze to protect your assets and reduce the likelihood of your identity being misused. Freeze your credit at all three major credit bureaus – Equifax, Experian, and TransUnion. You can contact the credit bureaus to check your reports and freeze or reopen your credit:

Equifax

Phone: 800-685-1111

Equifax Information Services LLC

P.O. Box 105788

Atlanta, GA

30348-5788

Experian

Phone: 888-EXPERIAN or 888-397-3742

Experian Security Freeze

P.O. Box 9554

Allen, TX

75013

TransUnion

Phone: 888-909-8872

TransUnion LLC

P.O. Box 2000

Chester, PA

19016

Inform the Social Security Administration

The Social Security Administration (SSA) is an independent agency that oversees Social Security in the US. They are your number one contact when you detect a data breach or fraud related to your Social Security number. You can fill in and submit the scam form on the SSA website, which will then be used to investigate the situation.

On the SSA website, you can also use your US Citizenship and Immigration Services (USCIS) account on the E-Verify website to switch on a self-lock feature for your SSN and protect your personal records.

File a report with the Federal Trade Commission

If you have detected fraudulent activity or a scam using your SSN, contact the Federal Trade Commission (FTC) online or call 1-877-438-4338 immediately. Your report will be shared with over 2,800 law enforcers, helping increase the efficiency of resolving your identity theft case. The FTC will issue a personal recovery plan based on your case to help you protect your sensitive personal information from further exposure. 

Keep in mind that cybercriminals often contact their targets pretending to be from the FTC, so make sure to always use the official communication channels. If you receive a letter from the FTC before contacting the agency yourself, double-check the sender and the content to see if it’s legitimate.

Contact businesses that use your SSN

The list of companies using your SSN is longer than you think. Companies handling medical insurance, loans, job applications, or tax reports all need your SSN to process your data. At the top of the list, you’ll have the IRS — it will mark your account as potentially compromised and help you protect your tax records.

Then contact other companies that use or have previously used your Social Security number. They should be able to freeze your services to prevent your identifiable information from being misused.

Inform local authorities

If your SSN has been compromised and, especially, if you’ve already noticed suspicious activity in your accounts, you have become a victim of identity theft. In this case, you should contact your local authorities and file a police report to create an official record of the crime.

Lock down your SIM card

As far as personally identifiable information goes, phone numbers are fairly public. Still, what can someone do with your phone number? Cybercriminals can quickly link your phone number to your SSN by connecting the dots between your personal information and attempt to spoof it by contacting your cell service provider. Get ahead of them by contacting the telecom company yourself. It may be a good idea to freeze your current phone number and have a new one issued or to set up a virtual phone number.

Update your login credentials

Having a breached SSN increases the likelihood that other personal information will be compromised as well. Credentials are as popular a bulk purchase as stolen Social Security numbers, and with over 26 billion records leaked following the massive data breach known as Mother of All Breaches in January 2024, updating your passwords is a no-brainer.

Each account you own should have its own unique and strong password that is at least eight characters long and contains a combination of random uppercase and lowercase letters, numbers, and special symbols. Alternatively, you can use a passphrase – a combination of words only you know. Since using the space bar counts as a special character, it increases the complexity of the password. You can use a password manager to create and manage credentials, improving your overall account security.

Set up two-factor authentication (2FA)

In addition to updating all your passwords, consider setting up two-factor authentication for your accounts. It adds an extra step to your login process by using a time-based code or biometric authentication to verify your login attempt. That way, a cybercriminal can’t breach your account using stolen credentials because they can’t access your authentication device.

Run a full dark web scan

Misery loves company, and a single breach is never really just a single breach. It’s as likely for your email address, phone number, and login credentials to be exposed alongside your Social Security number. However, finding even a single breached credential in the vast depths of the dark web is complicated enough. Keeping all your ducks in a row manually is impossible.

Thankfully, you don’t have to track the dark web by yourself. With NordProtect’s dark web scanner, you’ll get live security alerts and warnings if your sensitive information appears on the dark web. It continuously scans the dark web and keeps an eye on your personal accounts. NordProtect also warns you if it detects suspicious credit activity, like unauthorized changes to your credit accounts.

Sign up for identity theft protection

If you have not detected any suspicious activity yet but have found your SSN on the dark web, you can take steps to protect yourself. That way, if someone were to attempt tax or credit card fraud or otherwise misuse your identifiable information, you can prove that you’re a victim of identity theft.

NordProtect’s identity theft protection service helps take care of the identity recovery process if you become a victim of such a crime. With the NordProtect subscription, you’ll get alerts if any potential risks are detected. If you experience expenses related to identity theft, you may also be assigned a dedicated identity restoration case manager to help you sort through the bureaucracy and be eligible for up to $1M to cover qualifying identity theft recovery costs.

Can you remove your SSN from the dark web?

It’s practically impossible to have an SSN or other stolen personal information removed from the dark web or even learn who posted it due to data obfuscation. You can try contacting the FTC or the FBI for assistance. However, even then, their resources may be limited, especially if they can’t track down the identity of the perpetrators.

Usually, SSNs end up on the dark web following a company breach and are then sold in bulk to increase their overall value. The criminals are likely to contact the company they attacked directly and use the stolen data as ransomware.

You can take the proactive route of limiting how and where you use your SSN and tracking your personal information with web monitoring tools. If the monitor detects your Social Security number, phone number, or other identifiable data, you can try to freeze or replace the affected accounts.

Can you change your exposed SSN?

Acquiring a new SSN is possible, but it’s far from easy. To prevent misuse, abuse of replacement numbers, and system errors of old numbers not being overwritten, the Social Security Administration restricts SSN reissuance to confirmed fraud cases. Identity fraud and someone else gaining access to your SSN are considered exceptional circumstances where the SSA lets you submit a new application.

To begin the process, you must provide the Social Security Administration with a valid ID and documented proof that your old number was stolen and used for identity theft and fraud. Keep in mind this process might be lengthy, so track all activity related to your breached SSN.

Once you receive the new number, inform your credit card and loan companies, the IRS, medical insurance provider, and other institutions about the update to ensure your records are on track. If you don’t update this information, your old SSN may still be tied to unauthorized activity.

How did your SSN get on the dark web?

The hacker who obtained the database with SSNs from the company or service they breached most likely put it on the dark web themselves. It’s also possible for your SSN to end up on the dark web second-hand, if someone purchases the data from the criminal directly and then puts it on sale in one of the dark web marketplaces.

Although rare, employee data mismanagement is a probable scenario if a company accidentally leaks sensitive information. In this instance, they must alert you about the error immediately.

What can happen if your SSN is found on the dark web?

Considering the sheer volume of SSNs on the dark web, it’s hard to predict what will happen to yours if it gets breached. It’s as likely it will remain dormant in a stolen database as it is that someone will use it to run a money laundering operation. Most crimes committed with a stolen SSN are also considered identity theft.

In some cases, spoofing your SSN is enough to cause significant damage. In others, criminals might attempt to gain access to more of your personal data, like your home address, phone number, or account credentials. Crimes related to SSN misuse include:

• Financial fraud. Scammers can use your SSN to take out fraudulent loans, claim tax benefits, and take out new credit cards. This can reflect negatively on your credit score and put you at risk of being accused of the crime.
• Employment fraud. The SSA keeps track of your employment history, which can be accessed with your personal information. Using a stolen SSN, fraudsters can claim unemployment benefits or apply for illegal jobs under your name.
• Medical fraud. Criminals can claim disability benefits and payouts, steal prescriptions, and obtain insurance claims in your name. This can cause issues if you need medical assistance in the future.

Signs your SSN has been compromised

The number one sign that someone has been misusing your Social Security number is suspicious activity in accounts linked to it. You might notice it yourself – emails about accounts you haven’t opened, notices on loans you haven’t taken out, spam calls from numbers you don’t recognize. If you don’t receive an official notice from any organization handling your SSN, you have to rely on these crumbs of odd activity to come to your own conclusion.

If the situation goes unchecked and your SSN is used for claiming government benefits, committing tax fraud or identity theft, you might receive less desirable attention from local law enforcement or the FTC. This possibility makes it crucial for you to gather evidence and contact the authorities ahead of time to prove you are a victim of identity fraud and haven’t committed any misdeeds yourself.

Protecting your SSN from being misused

The best way to protect your Social Security number is to limit how and where you use it. If you’ve previously used it for services you no longer need, see what data storage policies they adhere to. You might be able to request your data to be deleted from their internal systems. Likewise, if you need to start using new services, see if providing your SSN is really necessary.

Although the process is complicated and requires you to prove you’ve experienced identity theft, it’s possible to cancel an existing Social Security number and receive a new one. You can contact the Social Security Administration to report that your SSN was compromised due to a data breach and begin the replacement process.

Sign up for fraud alerts with the credit bureaus and check your credit card statements regularly. Block any transactions you don’t recognize and, if necessary, freeze or change your cards.

You might not be able to prevent your SSN from ending up on the dark web, but taking steps to protect it from misuse will help you stay secure in the future and know how to prepare for other data breach incidents that might lurk ahead. With NordProtect, you can feel secure knowing that your sensitive data is on the radar for any breaches.