What to do if your Social Security Number is on the dark web

A Social Security Number (SSN)—one of the essential identifiers for U.S. residents—is enough for hackers to impersonate you. With an SSN, they can open credit cards, take out loans, receive medical treatment, buy drugs, and secure employment—all in your name. 

Unexpected emails with credit card offers, credit report surprises, the IRS notifying you of multiple tax filings, and receiving medical bills or records with treatments you didn’t get are signs of a leaked SSN.

A Social Security Number is one of the most sensitive pieces of information that fraudsters can use to access the rest of your data. Taking immediate action is essential to prevent impersonation. 

Read on to learn what to do if your Social Security Number is on the dark web and how to avoid future exposure.

What does it mean if your SSN is on the dark web?

There’s a high chance your SSN is already on the dark web—or will be at some point. Aside from data breaches that you may accidentally become a victim of, hackers can steal your SSN through phishing scams, physical theft, malware, and data brokers. 

With access to your SSN, fraudsters can easily exploit your financial accounts, medical care, and even apply for jobs the same way you do—all without your knowledge.

How SSNs get leaked

There are many ways for leaked Social Security Numbers to end up on the dark web:

• Data breaches: one of the most common reasons for sensitive information to be unknowingly leaked, even cautious users are vulnerable. From banking apps and healthcare clinics to food delivery apps, we all use countless platforms every day.
  
  Reliance on third-party vendors is one of the key vulnerabilities. According to reports published by TransUnion (a credit reporting agency and a major player in the consumer credit reporting industry), 69% of the largest data breaches last year included SSNs. For example, the April 2024 AT&T breach alone leaked more than 70 million SSNs to the dark web.
  
• Phishing attacks: these emails look extremely similar to those you may get from apps, companies, or services you use. However, they usually come with a malicious link or direct you to an untrusted website. Although the page you are linked to looks legitimate—like your financial institution’s page—it is a spoofed website that gives hackers access to your submitted information, including your SSN.
  
• Malware and spyware: unintentionally downloading malware or spyware—software specifically built to disrupt, damage, or gain unauthorized access to a device—allows hackers to steal your personal data. For example, such software can install a keylogger that records everything you type, detect when you fill out online forms, capture your screen activity, and search devices for files that contain SSNs, like tax documents or medical records.
  
• Using public Wi-Fi: the majority of free public networks use cheap routers and access points lacking essential security measures. Without the protection of a VPN, hackers can gain unauthorized access to your device over such connections, identifying your sensitive information, including your SSN. From there, they can inject your phone with malware, steal your credentials, and even gain remote control over your device. 
  
• Visiting unsafe or unknown websites: similar to how phishing scams work, these schemes allow cybercriminals to steal your data in two ways: by requiring you to input personal records to register or infecting your device with malware.

What can scammers do with your Social Security Number?

If your SSN gets stolen, you could face several serious risks, with identity theft being the biggest one. This is because SSNs open doors for hackers to access other sensitive data such as name, address, date of birth, and financial history. Now let’s go through the most common risks:

Identity theft and financial fraud

A leaked SSN can be used to impersonate someone and commit fraud in your name. For example, this data can help identity thieves open bank accounts, apply for credit cards, or take out personal loans. In other cases, it may be used to receive medical care in your name or obtain employment. Victims usually discover the fraud late, often by receiving tax filings, receiving unknown medical bills, being denied credit, or being contacted by debt collectors.

Opening fraudulent accounts

Scammers might also use SSN data to open new bank accounts, utility services (like electricity or internet), mobile phone plans, and many other online services under your name. These accounts often go unpaid, leading to collectors calling and credit damage.

Filing fake tax returns

If you’ve become a victim of an online data breach or have had your SSN stolen, hackers can use this data to file fake electronic tax returns with the goal of receiving fraudulent refunds. Victims often only discover the fraud when their legitimate return is rejected because one has already been filed. Resolving such issues with the IRS takes months and may significantly delay legitimate refunds. 

Government benefit fraud

Scammers often exploit leaked SSNs to file fraudulent unemployment claims. They may also target individuals who are applying for or already receiving Supplemental Security Income (SSI) benefits.

SSI applicants who begin to receive—or seemingly receive—State Unemployment Insurance (UI) benefits can be ineligible for these programs. They may appear to have been overpaid due to an unemployment claim filed fraudulently in their name.

These fraud schemes are common in most states, with the US Secret Service investigating over 500 claims in 40+ states related to unemployment fraud. These schemes not only result in significant financial losses to the government but also make it harder for victims to file legitimate claims. As with any other SSN fraud tactic, victims typically discover their name has been used in a scam when they are denied benefits they actually qualify for.

Once leaked, an SSN acts as a key that can unlock numerous layers of fraud, significantly affecting a victim’s ability to get legitimate financial, medical, and insurance help in the future. While taking immediate action is essential, monitoring will be the most proactive step you can take. Read on to learn how you can protect yourself if your SSN is found on the dark web, and how to check for exposure before you’re denied any service.

Steps to take if your SSN is found on the dark web

1. Freeze your credit reports

Start by immediately contacting the three major credit bureaus individually to freeze your credit and prevent hackers from opening new accounts in your name:

• Equifax (1-800-685-1111)
• Experian (1-888-397-3742)
• TransUnion (1-888-909-8872)

The request can be sent:

• Online: it usually takes one business day to freeze your credit
• By mail: it usually takes about three business days to freeze your credit
• By phone: it usually takes one business day to freeze your credit

You can later request those bureaus to lift the freeze on your credit report for free if needed. Just make sure you keep the security PIN safely in a password manager or on paper at home.

2. Set up a fraud alert with credit bureaus

A fraud alert is a security message that appears under your personal statements in a credit report. It informs creditors that your data might have been compromised and suggests they take extra steps to verify your identity before extending credit. Fraud alerts are free and usually last for one year. 

You can place fraud alerts on your credit reports by contacting one credit bureau, like Experian (1-888-397-3742), which will notify the other two. This is a less aggressive measure if you are not keen on fully freezing credit. 

3. Create a mySocialSecurity account

This free and secure account helps prevent hackers from creating one in your name and stealing government benefits. It also allows you to monitor your earnings records and proactively detect any suspicious activity. 

Visit www.ssa.gov/myaccount to create your account. You will be redirected to the credential service provider’s website, where you will have options to proceed: “Sign in with Login.gov” or “Sign in with ID.me.” Once you create your credentials, you will be returned to the mySocialSecurity webpage for next steps.

Credentials will include:

• Email
• Password
• 2-step verification factors

To create an account, you must meet several requirements:

• Be 18 years of age or older
• Have a Social Security number (SSN)

4. Report the SSN theft to the FTC

If you notice suspicious activity and believe your SSN has been stolen, contact the Federal Trade Commission (FTC). The FTC is responsible for collecting complaints about identity theft and provides a personalized recovery plan for those whose SSNs may have been exposed due to a data breach. It also adds legal credibility to such cases and guides victims through the next steps after SSN exposure.

Here is a quick overview of the process, depending on your situation: 

• If there is proof your SSN has been used to open a new account or make a purchase, report identity theft at IdentityTheft.gov. This way, you will obtain an FTC Identity Theft Report and a recovery plan.
  
• If your SSN has been exposed but not misused yet, you don’t need to file an FTC Identity Theft Report. However, there are steps you can take to help prevent identity theft. These include active monitoring, checking, or freezing your credit. Learn more at IdentityTheft.gov/Info-Lost-or-Stolen.

5. Request an Identity Protection PIN (IP PIN) from the IRS

An identity protection PIN (IP PIN) is a six-digit number used to prevent a fraudster from filing a tax return using your SSN or Individual Taxpayer Identification Number (ITIN). It helps verify your identity when filing either an electronic or paper tax return.

If you don’t already have an IP PIN, getting one is a proactive step to protect against tax-related identity theft. The fastest way to receive this number is through your online account at IRS.gov. If you don’t have an account yet, you’ll need to register to verify your identity.

6. Run a full dark web scan

Considering that your SSN may not be the only piece of compromised data, it’s recommended to check for other exposed credentials as well. Acting as a critical part of identity theft protection, dark web scanning is a form of threat intelligence that involves detecting any leaked personal data on the dark web as soon as possible.

Dark web monitoring tools, like Norton, Experian, or HaveIBeenPwned, scan thousands of websites on a daily basis, checking for mentions of your personal data. These tools help identify if emails, passwords, names, addresses, and other data have been exposed. 

If any of your data is found on the dark web, the tool will alert you, so you can take proactive measures, such as changing compromised passwords, freezing credit, and adding 2FA verification.

7. Check your credit reports and financial accounts

Monitoring your credit reports and financial activity helps you identify any suspicious activity early, which may signal your SSN or other data has been misused. Look for unknown tax returns, transactions, new credit lines, or strange charges. You may also want to check whether new accounts were opened in your name, or if there are missed payments or accounts in collections.

You can simplify monitoring using the following:

• Request free credit reports from AnnualCreditReport.com to check whether someone has obtained unauthorized loans in your name.
  
• Credit monitoring services help monitor your bank, credit, and investment accounts, notifying you of any suspicious activity.
  
• Contact your bank’s fraud department to close compromised accounts and issue new ones when required.

8. Protect your SSN from employment fraud with myE-Verify

A compromised SSN on the dark web can be used by fraudsters to gain employment in your name, potentially linking you to criminal activity and tax liabilities. 

When an employer enters your locked SSN in E-Verify to confirm authorization, the request will result in an E-Verify Tentative Nonconfirmation (mismatch). The service gives you full control over how your SSN is used for employment purposes as it allows you to unlock your SSN whenever you need to.

The process looks like this:

• Access myE-Verify with your USCIS online account.
• If you don’t have an account there yet, create one by visiting the website.
• You’ll be requested to provide your email address and create a password. 
• Confirm your account using the verification code sent to your email.
• Under “Account Type”, select “I am an applicant, petitioner, or requestor” or “I am a legal representative,” then click “Submit”.
• You’ll receive confirmation that your USCIS account has been successfully created.

9. Secure your phone number to prevent SIM swap attacks

If your SSN is exposed on the dark web, hackers can use it to open new mobile accounts or hijack existing ones through a SIM swap scam. With just a few details about your life, thieves can answer security questions, impersonate you, and convince your mobile carrier to reassign your phone number to a new SIM card. Once they gain control of your phone number, criminals can access your phone’s data and start changing your account passwords, locking you out of your banking profile, email, and more. 

Contact your mobile provider (e.g., Verizon, T-Mobile, AT&T) and request a SIM lock or port-out PIN to prevent identity theft. This process adds a custom 4-digit code that must be entered before making any changes to the account. It’s a simple yet essential step that  prevents scammers from taking over your phone number if your SSN has been leaked.

Can you remove your SSN from the dark web?

If leaked, it’s nearly impossible to remove an SSN from the dark web. Stolen credentials are often duplicated and available for sale across multiple forums and marketplaces, making any attempts to track or remove them ineffective. The decentralized nature of the dark web also means there is no central authority that can control operations and remove your data.

Instead, you may want to focus on exploring what other personal information may have been compromised to mitigate the damage. Hackers may also obtain your name, address, email, phone number, credit card details, and more.

How to protect your Social Security Number from future exposure

Think twice before sharing your SSN

Some people give out their SSN even when it’s not necessary, putting themselves at high risk of exposure. If you’re asked to provide your SSN, make sure to ask why it’s needed, how it will be stored, and whether any other form of ID will work. Never share your SSN on any public forum or social media.

Use an identity theft protection service

There are several services that can help protect your data from being misused if stolen. Start by using dark web monitoring tools to stay informed about any new personal data appearing for sale. Use a password manager, like 1Password, and enable 2FA authentication on all your accounts for added security. Consider using paid or free identity monitoring tools to get alerts about suspicious activity tied to an SSN. Services like LifeLock, or even some banks, offer features like dark web monitoring, SSN tracking, and fraud alerts.

Secure physical documents that contain your SSN

While digital precautions are essential, old-fashioned physical theft is still a real threat. Paper documents can expose your data, including your SSN. Avoid carrying your Social Security card unless absolutely necessary. It is also recommended to shred any documents displaying your SSN once they are no longer needed. These include old tax forms, pay stubs, or medical records.

Limit your digital footprint

One of the easiest ways to protect your data from exposure is to reduce the amount of personal information you share online. Public posts about your birthday, location, workplace, and job titles help scammers guess passwords and answer security questions. If you have unused accounts, make sure to delete them. Make social profiles private, and limit what you share, even with your friends and colleagues.

Remove your personal information from people-search sites

Many people-search websites, such as Spokeo, Whitepages, and MyLife, collect and display personal details, like names, phone numbers, addresses, relatives, and sometimes even SSNs. These sites make it easy for identity thieves to impersonate someone whose SSN has already been exposed, or to guess account passwords and steal even more data.

The best way to protect yourself is to send opt-out requests to these sites to remove your personal details, or use a reputable data removal service to automate the process. Taking control of your data makes you a harder target and helps safeguard your privacy in the long run.

FAQ

How do I know if my SSN was leaked?

You can use monitoring services to detect if your Social Security Number is on the dark web, these include Norton, Experian, or HaveIBeenPwned. These tools scan thousands of websites on a daily basis, checking for mentions of your personal information. Signs that your SSN may have been leaked or misused include unfamiliar tax  filings, unauthorized transactions, new credit lines, accounts opened in your name, missed payments, or debt collections you don’t recognize.

Should I change my SSN if it was found on the dark web?

The short answer is yes, you can, but SSNs can be changed under specific circumstances, such as identity theft or  when your safety is in danger. Before taking this step,  consider freezing your credit with the three major bureaus (Experian, Equifax, or TransUnion)  to prevent hackers from opening new accounts in your name.

How do I report identity theft related to my SSN?

If your SSN has been stolen and misused, contact the Federal Trade Commission (FTC). The FTC collects identity theft complaints and provides a personalized recovery plan to help victims regain control over their personal information.