This article is brought to you by Aura.
Watch the video to see how we protect you online.
This article is brought to you by Aura. Watch the video to see how we protect you online.
Start Free Trial
4.7-star rating on Trustpilot
4.7 stars on Trustpilot
White close button to close the window or modal
Play button to start video/audio
What is Aura? (1:10)
Play button to start video/audio

My Social Security Number Was Found on the Dark Web. Help!

Most SSNs have been leaked to the Dark Web in recent years — making it more important than ever to learn how to make yourself a less vulnerable target.

Most SSNs have been leaked to the Dark Web in recent years — making it more important than ever to learn how to make yourself a less vulnerable target.

Illustration showing a flash light shining on an SSN card

Aura’s app keeps you safe from scams, fraud, and identity theft. Try Aura for free.

Trustpilot logo4.5-star rating on Trustpilot
4.6 stars as of Sept. 2024

In this article:

    In this article:

      See more
      Illustration of a hand holding a phone that resembles a lock

      Aura’s digital security app keeps your family safe from scams, fraud, and identity theft.

      See pricing
      Share this:

      How Dangerous Is It If Your SSN Is on the Dark Web?

      With just your Social Security number (SSN), scammers can apply for loans, open bank accounts, and commit crimes — all in your name.

      Unfortunately, there’s a good chance that your SSN is already on the Dark Web — or, as one cybersecurity CEO put it: “If it’s not, it will be.” [*]

      By some reports, 69% of all data breaches last year included SSNs [*]. The April 2024 AT&T breach alone leaked over 70 million Social Security numbers to the Dark Web [*].

      The bad news is that once your SSN has been leaked to the Dark Web, it’s virtually impossible for you to remove it. Instead, the best thing you can do is to proactively lock down your identity and accounts and be prepared for the worst. 

      {{show-toc}} 

      How To Check If Your SSN Is Circulating on the Dark Web

      The Dark Web is a layer of the internet that’s only accessible by using special tools such as the Tor browser. Unlike regular websites that most people use, marketplaces and sites on the Dark Web are truly anonymous — masking users’ locations, IP addresses, and identities — making the Dark Web a perfect platform for cybercriminals and hackers to buy and sell stolen data. 

      Because you likely can’t get on the Dark Web yourself (and probably shouldn’t, for safety reasons), there are only two ways to know if your SSN was part of a data breach:

      1. You get a notification from a company that was impacted by a data breach. Companies are legally required to disclose breaches, as well as what information was leaked.
      2. You get an alert from a Dark Web monitoring company. Aura, for instance, offers a free Dark Web scan that lets you know if your passwords or email address were leaked in a breach.
      Screenshot of Aura’s free Dark Web scanner with a field to enter your email address and see if your passwords have been leaked.

      While data breaches are the primary means by which your SSN can end up on the Dark Web, breaches aren’t the only threat. 

      Scammers can use phishing websites, hack Wi-Fi networks, and use bots and malware to steal personal information — leading to more of your data falling into the hands of hackers.

      📚 Related: How To Check If Someone Is Using Your SSN

      What To Do If Your SSN Was Found on the Dark Web

      Sites on the Dark Web are out of reach for authorities — and even if one site gets taken down, the data is almost always backed up and quickly re-uploaded to a new site.

      You can try to change your SSN, but there are only certain situations in which the government permits this — such as if you’ve experienced ongoing fraud or are at risk of physical harm or harassment.

      If you do get a new SSN, it can affect your earnings history and credit, making it more difficult down the line to apply for legal documents and passports. 

      In most cases, you’re better off dealing with the fallout of SSN theft rather than trying to get a new SSN.

      1. Freeze or lock your credit immediately

      One of the greatest risks of a leaked SSN is that scammers can use it to take out loans or open financial accounts in your name. A credit freeze prevents anyone from accessing your credit file — which means that scammers won’t be able to ruin your credit score.

      A credit freeze is more secure than a fraud alert, which only requires lenders to take additional precautions before extending credit to you — something scammers have learned to circumvent. 

      To freeze your credit, you need to contact each of the three major credit bureaus individually — Experian, Equifax, and TransUnion:

      Experian
      Equifax
      TransUnion
      1-888-397-3742
      1-800-685-1111
      1-888-909-8872
      Experian Security Freeze — P.O. Box 9554, Allen, TX 75013
      Equifax Information Services LLC — P.O. Box 105788, Atlanta, GA 30348-5788
      TransUnion LLC – P.O. Box 2000, Chester, PA 19016
      Pro tip: You can also “lock” your credit via programs provided by the credit bureaus or online safety apps such as Aura. A credit lock serves the same purpose as a freeze, but it activates nearly instantaneously — allowing you to lock and unlock your credit accounts from a mobile app or website.

      2. Report the fraud to the proper authorities

      If your SSN has been leaked or compromised and you are the victim of identity theft, contact the relevant authorities to inform them of the fraud and protect yourself against any actions that scammers may take by using your SSN:

      • The Federal Trade Commission (FTC). File an official identity theft affidavit online at IdentityTheft.gov. This will act as your proof of innocence and is almost always required when disputing fraudulent charges. The FTC will also supply you with a personalized fraud recovery plan. 
      • Local law enforcement. File a police report if your SSN was used to open accounts or if you have any information about the scammers or thief who victimized you. 
      • Social Security Administration (SSA). You can block criminals from using your SSN to unlawfully apply for work by using the online e-Verify service. Once your account is up and running, you can freeze your SSN by opening your dashboard, clicking on “Manage My Social Security Number” and then “Lock My SSN.” 

      It’s especially important to complete fraud and police reports if you are going to dispute fraudulent charges; otherwise, there’s no proof of your being a victim.

      3. Check your credit report and bank statements

      If your SSN has been compromised, you’ll want to keep close tabs on your financial accounts to ensure they haven’t been illegally accessed. 

      • Request free credit reports from AnnualCreditReport.com to check whether anyone has obtained unauthorized loans in your name.
      • Monitor your bank accounts for suspicious transactions. A credit monitoring service can monitor your bank, credit, and investment accounts for you and notify you of any suspicious activity. 
      • Contact the fraud department of your bank or credit card company to close compromised accounts and cards and issue new ones.

      📚 Related: What Can Scammers Do With Your Bank Account Number?  →

      4. Do a full Dark Web scan to see what information hackers have obtained

      Free Dark Web scanners (such as Aura’s leaked password checker or HaveIBeenPwned) can only tell you if passwords associated with your email address were leaked in a data breach. 

      To scan for more sensitive information — such as your SSN, credit card details, or even passport numbers — you need to sign up for a full Dark Web monitoring service.  

      A Dark Web monitoring service like Aura periodically scans Dark Web forums and websites for your personal information and then sends you notifications whenever anything suspicious is detected. Sign up for a free 14-day trial to start monitoring the Dark Web for your data right away. 

      5. Lock your SIM

      Identity thieves could potentially use your SSN to open a cell phone account in your name or even convince your cell phone provider to transfer ownership of your existing account. This could allow scammers to bypass two-factor authentication (2FA) security on your accounts — as any codes would be sent to a phone that they control. 

      As a precaution, you should contact your provider and ask them to “lock” your SIM with a custom PIN. Once you’ve locked your account, scammers can’t use your mobile data or make phone calls without your four-digit code.

      📚 Related: How To Find Out If Your Information Is on the Dark Web

      6. Get an Identity Protection PIN

      Identity Protection PINs (IP PINs) stop fraudsters from filing tax returns by using your SSN or Individual Taxpayer Identification Number (ITIN) [*]. Only you and the IRS know your IP PIN, and it must be entered on every federal tax return.

      If you’re a previous victim of tax-related identity theft and the IRS has fixed your tax issues, they will mail you a CP01A Notice with a new IP PIN to use each year. 

      If you haven’t been the victim of identity theft, you can still request an IP PIN via your IRS.gov account or at your local Taxpayer Assistance Center (make sure to bring two government-issued identification documents to verify your identity).

      7. Update all compromised passwords, and enable 2FA

      If your SSN has been leaked online, there’s a good chance other personal data about you is available as well — including your passwords. 

      • Change all of your compromised passwords immediately. Use a password manager to generate and store complex and unique passwords for each account. Avoid easy-to-guess phrases like your name or birthday. 
      • Use 2FA or multi-factor authentication (MFA). Even the strongest passwords can be leaked or stolen. Enabling 2FA or MFA provides another layer of protection that prevents criminals from accessing your accounts without your fingerprint, face ID, or authenticator codes.

      📚 Related: How Do Password Managers Work? [Step-by-Step Setup Guide]

      8. Consider signing up for identity theft protection

      Using your compromised SSN is one of the easiest ways for someone to steal your identity — and you won’t always be able to stop them. 

      Aura’s award-winning identity theft protection solution monitors your SSN and other sensitive information 24/7/365 — and notifies you if it’s been leaked, has appeared online or on the Dark Web, or is being used without your permission. 

      With Aura, you also get three-bureau credit monitoring with the industry’s fastest fraud alerts3, one-click Experian CreditLock, and an advanced suite of digital security tools to protect your personal data from being leaked.

      If the worst should happen, all Aura plans include round-the-clock U.S-based support and up to $1 million in identity theft insurance to cover eligible losses and expenses.

      🏆 Try Aura’s award-winning identity theft protection — for free. Sign up today for a free 14-day Aura trial and start protecting yourself and your family from criminals and identity thieves.

      What Can Scammers Do With Your Leaked SSN?

      Your SSN is a valuable piece of data for scammers — but even worse, it can be easily linked to more of your personally identifiable information (PII), such as your address, phone number, and date of birth. 

      With this type of stolen information, scammers can:

      • Open new credit card accounts or take out loans in your name
      • File for unemployment and other government benefits
      • Get a driver’s license or other ID in your name
      • File a fraudulent tax return and steal your refund
      • Receive medical care by using your benefits plan
      • Rent a home or lease a vehicle
      • And so much more…

      The bottom line: SSN fraud is hard to spot — until it’s too late. Consider an SSN monitoring tool to alert you if your personal information is being illegally used. 

      How To Keep Your Sensitive Information Off of the Dark Web 

      Since it’s almost impossible to remove data once it’s been leaked to the Dark Web, prevention is the best way to protect yourself. 

      Take these critical steps to keep your SSN private:

      • Don’t carry your Social Security card with you. Also, shred documents that display your SSN as soon as you’ve reviewed them.
      • Be selective about sharing your SSN. Never share your SSN on social media or any other public forum. Avoid phishing scams by asking why someone needs your SSN and how it will be used. When in doubt, do not include it on an application form.
      • Use a VPN when updating sensitive accounts. A virtual private network encrypts your data — stopping hackers from stealing your SSN as you apply for new accounts or file your taxes. It will also block spoofed websites designed to steal your credentials.
      • Create a mySocial Security account. Claiming your SSN at SSA.gov ensures that no one else can create an online account in your name — even if they have your number.
      • Check your Social Security earnings record annually. Compare it to your W-2 and tax return. If you’ve created a mySocial Security account, you’ll automatically get emails three months before your birthday each year reminding you to check your earnings [*].

      Scammers do everything they can to access your accounts — and your Social Security number is one of their favorite targets. 

      Sign up for a free, 14-day Aura trial to be alerted in near real-time if someone uses your SSN or if any unauthorized activity is detected on your financial accounts.

      Aura keeps your SSN (and identity) safe — start your free 14-day trial!

      Editorial note: Our articles provide educational information for you to increase awareness about digital safety. Aura’s services may not provide the exact features we write about, nor may cover or protect against every type of crime, fraud, or threat discussed in our articles. Please review our Terms during enrollment or setup for more information. Remember that no one can prevent all identity theft or cybercrime.

      Is this article helpful so far?
      Yes
      No
      Skip
      Need an action plan?
      No items found.
      Is your child ready for a cell phone? Take this quiz to find out.
      Start Quiz
      Illustration of a tilted question mark
      What do hackers
      know about you?
      Run a scan and find out now.
      By entering your email and clicking "Scan", you agree to our Terms and acknowledge our Privacy Policy.

      Award-winning identity theft protection with AI-powered digital security tools, 24/7 White Glove support, and more. Try Aura for free.

      Related Articles

      Illustration of a credit card protected inside of a glass case
      Credit & Finance

      How To Prevent Credit Card Fraud: 10 Essential Steps

      Criminals use your physical card or stolen credit card numbers to make purchases in your name or impersonate you — here's how you can stop them.

      Read More
      June 23, 2023
      Illustration of a deep sea diver shining a light on a warning symbol
      Internet Security

      Did You Get a Dark Web Alert? How To Secure Your Accounts

      If your PII surfaces on a cybercrime forum or website, there are ways for you to receive early notifications. This is where Dark Web alerts come in.

      Read More
      April 24, 2023

      Try Aura—14 Days Free

      Start your free trial today**