16 Million Social Security Numbers Disclosed in a Cybercrime Forum

Social Security Numbers (SSNs) are nine-digit numbers issued to U.S. citizens by the Social Security Administration of the United States government. In the course of our routine dark web monitoring, we discovered 16 million SSN data disclosed on a cybercrime forum by a Russian-speaking threat actor. The data has been allegedly collected over a period of two years, from 2018 to 2020.  

An SSN does not contain a biometric identifier, thereby making it easier for a person with malicious intent to misuse the information. The risk of identity theft is a primary concern associated with the leak of these numbers in the cybercrime forum. The data contains personally identifiable information (PII) such as name, address, email id, date of birth, phone number, IP, SSN and even bank account details are revealed. The leak of such sensitive information is a major concern as it exposes sensitive data that as the potential to be misused.  

The threat actor “LUCIFER6” is offering to sell 16M records of SSN data in one of the cybercrime forums. 

Below is the screenshot of the data as leaked on the cybercrime forum. 

Screenshot of the data as leaked on the cybercrime forum

This SSN data leak also includes employer information, job title, net income, bank account number, and account balance. Such sensitive details are at a high risk of being misused by malicious threat actors for carrying out financial frauds.

Here are some of the best practices to safeguard sensitive and confidential information at primary levels. We advise our readers to follow the security recommendations listed below: 

  • If it is necessary to provide SSN, enquire about the purpose and the way the information will be used.
  • Use strong passwords and enforce multi-factor authentication wherever possible.   
  • Regularly monitor your financial transactions. In case of any suspicious activity, contact your bank immediately.   
  • Turn on the automatic software update feature on your devices connected to the Internet, such as computer and mobile.   
  • Install authentic anti-virus as well as Internet security software package on your connected devices including PC, laptop, and mobile. 
  • Never share personal and confidential information over the phone, email, or SMSes.  
  • Refrain from opening untrusted links and email attachments without verifying their authenticity. 
  • If you are concerned about your exposure on the darkweb, register at  AmIBreached.com to ascertain your exposure.   

About Cyble   

Cyble is a global threat intelligence SaaS provider that helps enterprises protect themselves from cybercrimes and exposure in the darkweb. Cyble’s prime focus is to provide organizations with real-time visibility into their digital risk footprint. Backed by Y Combinator as part of the 2021 winter cohort, Cyble has also been recognized by Forbes as one of the top 20 Best Cybersecurity Startups To Watch In 2020. Headquartered in Alpharetta, Georgia, and with offices in Australia, Singapore, and India, Cyble has a global presence. 

Scroll to Top