Was your SSN found on the dark web? Here’s what you need to do

Kamile Viezelyte
Cybersecurity Content Writer
SSN found on the dark web

A Social Security number (SSN) is one of the essential identifiers for US residents. These unique nine-digit numbers are required for opening bank accounts, paying taxes, or registering at hospitals. Learning that your SSN was found on the dark web can be daunting, as you get your number issued for a lifetime. Today, we’ll show you how to find out if your SSN is on the dark web and what immediate steps you should take if it’s there.

How can you find out if your SSN is on the dark web?

Social Security numbers are highly valuable as they are tied to individuals and used by institutions that access and handle sensitive personal information. As such, companies handling SSN-related information are frequently targeted by cybercriminals. The stolen data is then used as ransom or sold to the highest bidder on the dark web – the unindexed part of the internet where unlawful activity thrives.

In March 2024, telecommunications giant AT&T announced that roughly 73 million former and current clients were impacted by a data breach. Personal information, including Social Security numbers, was extracted by hackers back in 2021 and appeared on one of the darknet marketplaces. Consequently, AT&T reset the passwords for 7.6 million of its current account holders, indicating that most of those affected were former clients whose datasets were dated up until 2019. Nevertheless, SSNs that were compromised during the breach could not be changed as easily.

Whether you’re affected by the AT&T breach or a different SSN-related incident or are simply cautious for the future, you may want to learn if your personal data has been impacted before it hits the headlines. Here are some of the signs that your SSN is on the dark web:

  • Increased spam. It’s not a telltale sign of an SSN breach and can be related to third parties selling your contact details. However, if you’re getting more spam calls and emails than usual, it may be because someone has acquired your personal information alongside your SSN.

  • Suspicious banking activity. You need an SSN to open credit cards and bank accounts. If you’re setting transactions you definitely did not authorize, chances are someone committed your identity theft.

  • Suspicious medical insurance usage. Similar to banking fraud, your stolen SSN may be used to exploit medical insurance and illegally gain funds.

  • Physical mail addressed to you. If you start receiving letters in your mailbox regarding services, purchases, loans, or other activity you allegedly requested, someone may be fraudulently using your personal data.

  • Alerts from organizations regarding recent data breaches. If your SSN has been compromised and is on the dark web, the breached organization must inform you about the impact and tell you how to proceed.

You can also learn if your SSN is on the dark web yourself. However, navigating the dark web requires some technical knowledge and software like the Tor browser. Alternatively, you can use breach monitors to inform you what personal information, like your phone number or email address, has appeared on the darknet without needing to access it yourself.

Should you be worried if you learn your SSN is on the dark web?

The short answer is yes. If your Social Security number has been breached, it opens the gateway to accessing other personal information related to you. Your phone number, email address, place of residence, credit and debit card information – anything is (un)fair play.

Social security information is often used for financial fraud, particularly related to insurance and credit cards. As already discussed, suspicious banking activity is one of the first signs that something might be up. Cybercriminals can use your personal information to take out loans in your name, claim your tax returns or medical insurance funds, and open new credit cards. Since they obfuscate their activities using your name, the digital footprint would be tracked to you.

Your name and Social Security number can also be used for illegal employment. Cybercriminals may use your personal details to apply for jobs and could prevent you from claiming employee benefits in the future.

Keep in mind that if you discover your SSN on the dark web, your other sensitive data might have been breached, too. If the breach goes unnoticed, passwords to your personal accounts may be compromised. Your phone number and email address can also be used in spoofing attacks. Overall, the impact of an SSN-related data breach can widely affect your personal data.

The good news is that the Social Security Administration allows US residents to change their SSN if it was compromised due to a data breach and is being used for identity theft. The process is long and arduous, requiring you to provide extensive documentation, such as valid ID and proof of the crime verified by legal authorities. You’ll also have to submit a new application form for an SSN.

Can you remove your SSN from the dark web?

Unfortunately, removing your SSN from the dark web is a herculean task. It’s unlikely that the criminals will care to remove one data point from a single user request. Personal information is more valuable as large datasets, and hackers are more likely to use it as ransom to obtain money from breached companies. The best chance to remove your SSN from the dark web is to get law enforcement involved, such as the FBI or the FTC, but even that is not a guaranteed solution.

Make sure to inform the Social Security Administration about the circumstances immediately. If your request to change your SSN is successful, it will be harder for scammers to utilize your data. However, keep in mind that some of your records will still be tied to your old SSN, so stay vigilant in case of any suspicious activity in the future.

If you can’t remove your Social Security number, redirect your efforts to deleting other compromised information. Remember, if your SSN was breached, so were other details. Update all your passwords, especially those you use for government, financial, and medical portals. This will help protect your accounts from being compromised and other personal information from getting into the wrong hands.

What to do if your SSN is on the dark web

Your first course of action after finding out about an SSN-related data breach is to inform the Social Security Administration and your bank immediately and request your credit account to be frozen. This ensures that unauthorized parties can’t take out new cards, payments, or loans in your name. It doesn’t bear consequences to your credit score.

Alert the authorities as well. Although it’s up to the breached corporations to inform their clients, being protective and reporting yourself as a victim of a data breach will ensure that this incident is logged by law enforcement. That way, if any suspicious activity in your name is detected, you have viable proof of reported identity theft.

In addition, inform all companies that have processed your Social Security number. This will help create a paper trail for law enforcement and can prevent fraudulent activity on related websites and services. Keep a close eye on accounts that may be compromised, especially those related to your finances, in case someone tries to make any changes or requests in your name.

Then, move to a broader investigation yourself. You can use the Data Breach Scanner to see if your credentials, like your email address or credit card details, have been compromised.

Whether you find any breached passwords or not, it’s a good idea to update them, as they’re likely to be compromised nonetheless. Ensure your new passwords are unique and uncrackable – you can follow our guide to the top tips for creating a strong password. Alternatively, keep things quick and easy with the NordPass Password Generator, which creates resilient passwords and stores them in a securely encrypted vault with just a few clicks.

Add multi-factor protection to your accounts or switch to passkeys. That way, even if scammers try to take over your accounts, they won’t be able to breach them without your two-factor code or biometric information. To keep your phone secure, consider temporarily locking your SIM or changing the number.

Can you prevent your SSN from ending up on the dark web?

Unfortunately, keeping your SSN out of the dark web can be out of your scope. Cybercriminals are more likely to target big organizations, and if their defenses fail, there’s not much you can do as a client. However, you can still take measures to prevent your SSN – and other sensitive information – from ending up in the wrong hands directly from you.

  • Focus on your key contact details: Email address, phone numbers, banking information, and passwords. Protecting these four will help reduce risks related to SSN breaches.

  • Regularly check your credit card activity logs and your credit score for any unusual behavior.

  • Track your Social Security number on the governmental My Social Security platform.

  • Reduce your digital footprint by limiting the information you share on social media and other personal accounts.

  • Use the NordPass password manager to create and store your passwords, passkeys, credit card details, and other sensitive personal information.

  • Switch on two-factor authentication for an extra security layer.

  • Set up an email mask to keep your inbox from spam and social engineering attacks.

  • Connect to the internet using a VPN to protect your network from unauthorized outsiders.

  • Keep your apps up-to-date and use antivirus software regularly to check if your computer has been compromised.

Although finding your SSN on the dark web can be scary, it’s not the end of the world. As long as you stay vigilant, take quick action, and keep your personal information secure, you can reduce the threats to a minimum. NordPass is here to help keep your sensitive information safe and out of the wrong hands.


Subscribe to NordPass news

Get the latest news and tips from NordPass straight to your inbox.