Hacker News new | past | comments | ask | show | jobs | submit login

Why would people need new SSNs? It was the credit industry that misused them as combination of unique identifier and authenticator, and that is not the SSA's responsibility to fix. The government even tried to curb misuse of the SSN, but it was not binding on private entities, and they just ignored it.

The solution, whatever it is, does not include anyone continuing to pretend that the SSN is now or has ever been suitable for any purposes other than for tracking government benefits managed by the SSA, and possibly also for tax filings with the IRS.




> other than for tracking government benefits managed by the SSA, and possibly also for tax filings with the IRS

... and all of the other government benefits, programs, or mandated activities, many (all?) of which demand your SSN. Are you even sure that the credit industry, i.e. banks, originally misused SSNs? I wouldn't be surprised if they were required, by the government, to use them, precisely because it is the closest thing to an official "unique identifier".

Some people also might be concerned with not receiving their SS benefits either, which isn't entirely far-fetched given that others might now be using it for nefarious purposes (like trying to collect their SS benefits).


> I wouldn't be surprised if they were required, by the government, to use them, precisely because it is the closest thing to an official "unique identifier".

I read something somewhere else (maybe on a different HN thread, maybe here?) that this was changed in 2000 for something called "red flag laws", IIRC.

So yeah - it is required.


You're absolutely correct. We should move to a well designed identity system. However I'd SWAG the development and deployment of such a system around 10-15 years if all of the involved parties were on-board. Equifax could provide the SSA a pile of money and the victims could have a reasonably effective defense against identity theft within months.


wouldn't it be simpler to make ssn number last only five years? it's a partial workaround, but would immediately help by reducing the attack opportunity time massively, along with making it standard to have variable ssn thorough the system and making it easier for people to just renew their after breaches like this, since the current bar for obtaining a new one is quite high




Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact

Search: