UpGuard research found a trove of sensitive information in an exposed Elastic database. Getting to the bottom of what it meant led us down an interesting path.
The article says more clearly “2.7 billion records with Social Security numbers.” The author goes on to say he found 4 records with a friend’s data but in those 4 records were 3 different SSNs. He called the friend and confirmed that one of them was his actual SSN. I guess someone was auto-linking names and SSNs for ID theft purposes and getting it wrong sometimes.
Its probably a mix of SSNs and EINs, there is no limit to the amount of EINs you can have. Except for the fact they will only issue one a day to a person.
According to SSA they have issued under 500m SSNs and they are not reassigned after death. How have BILLIONS been found?
To add to this: less than 1B US citizens have ever existed since the founding of the US - estimable to about 500M-600M
The article says more clearly “2.7 billion records with Social Security numbers.” The author goes on to say he found 4 records with a friend’s data but in those 4 records were 3 different SSNs. He called the friend and confirmed that one of them was his actual SSN. I guess someone was auto-linking names and SSNs for ID theft purposes and getting it wrong sometimes.
Its probably a mix of SSNs and EINs, there is no limit to the amount of EINs you can have. Except for the fact they will only issue one a day to a person.