How To Protect Yourself If Your SSN Is Found on the Dark Web

What Happens If Your SSN Is on the Dark Web?

If your Social Security number (SSN) is found on the Dark Web, you will almost certainly be targeted by identity thieves and cybercriminals.

A 2025 study from financial security company SentiLink found that 97% of people who had their SSNs leaked on the Dark Web were victims of attempted identity theft.

Scammers can use stolen SSNs to apply for loans and new credit cards, open bank accounts, file fraudulent tax returns, receive medical care, or even commit crimes — all in your name.

If you think your SSN has been compromised, you need to act quickly to secure your identity.

{{hacker-view-widget}}

How To Know If Your SSN Is on the Dark Web

Cybercriminals hack company databases in order to steal large amounts of personally identifiable information (PII) and sell it on the Dark Web — an anonymized layer of the internet that has become a hotbed for hackers and other online predators.

According to some reports, 69% of all data breaches last year included the exposure of SSNs — such as the April 2024 AT&T breach that leaked over 70 million Social Security numbers to the Dark Web.

The problem is that accessing the Dark Web isn’t the same as browsing the “surface” web.

You can’t use your normal browser; and most Dark Web sites are hidden behind unique, non-memorable addresses that aren’t accessible via traditional search engines.

Most people shouldn’t try to access the Dark Web on their own (even if they know where to look). Many Dark Web forums and sites are home to hackers, scammers, and malware — putting you and your loved ones at even greater risk.

Here are some safer ways to find out if your SSN is on the Dark Web:

• Check for leaks by using a reputable Dark Web scanner. Many companies offer Dark Web monitoring or one-time scans to check commonly used Dark Web sites and marketplaces for personal information. Start with Aura’s free Dark Web scanner to see if your passwords were leaked.‍
• Look for data breach alerts from companies and services that you use. Companies are legally required to send data breach notifications if they leaked your data. Check your email and print mail for notifications. You can also use a data breach scanner to see if you’re a victim.‍
• Sign up for an SSN monitoring service. Identity theft protection services like Aura can monitor your SSN and notify you if it appears in public records, account applications, or other places that indicate common warning signs of fraudulent activity. You can sign up for a 14-day free trial of Aura to check if your SSN and other sensitive PII has been leaked.‍
• Keep an eye on your credit reports and sensitive accounts. You may not know if your SSN is leaked, but there are clear warning signs that it’s being used by someone else. Review your credit reports for unfamiliar accounts and hard inquiries. You can also sign up for a my Social Security account to see if anyone has gained employment by using your SSN.

Can You Remove Your SSN From the Dark Web?

No. If your SSN and other information is found on the Dark Web, it’s almost certainly spread to multiple sites and marketplaces, making it almost impossible to completely remove it.

Sites on the Dark Web are out of reach for authorities — and even if one site gets taken down, the data is almost always backed up and quickly re-uploaded to a new site.

For example, many large data leaks actually just include repackaged information, such as “the mother of all breaches.” Discovered by cybersecurity researchers in 2025, this breach comprised a collection of 16 billion passwords and other data that was leaked in previous breaches.

The bottom line: If your information is circulating on the Dark Web, you’re better off protecting your accounts than trying to remove it.

What To Do If Your SSN Was Found on the Dark Web

1. Freeze or lock your credit immediately
2. Report the fraud to the FTC and local authorities
3. Get an identity protection PIN from the IRS
4. Lock your SIM card and phone account
5. Secure your most sensitive online accounts
6. Self-lock your SSN through the SSA’s E-Verify service
7. Review your credit and bank statements for fraud
8. Request your medical insurance documents
9. Sign up for extended identity and SSN monitoring

As soon as you suspect that your SSN has been leaked, you should immediately lock down your credit files and other sensitive accounts — including those with the IRS, Social Security Administration (SSA), your mobile phone provider, and financial institutions.

Here’s a detailed guide of steps to take in order of importance:

1. Freeze or lock your credit immediately

Scammers can use your leaked SSN and other personal information to take out loans, open new credit cards, and apply for financial accounts in your name. A credit freeze prevents anyone from accessing your credit file — making it one of the strongest protections against identity fraud.

To freeze your credit, you need to contact each of the three major credit bureaus individually — Experian, Equifax, and TransUnion. They’ll verify your identity and then provide credit freeze PINs that you can use later to “unfreeze” your accounts when you need to apply for credit.

Here’s how to contact each credit bureau:

What about a fraud alert or credit “lock”? A fraud alert is easier to implement, as you only have to contact one of the credit bureaus. However, fraud alerts merely suggest that lenders take additional precautions before extending credit — something scammers have learned to circumvent. 

A credit lock on the other hand, is a paid service that allows you to instantly lock and unlock your credit file. For example, Aura includes a one-click Experian credit lock with all of its plans.

2. Report the fraud to the FTC and local authorities

As soon as possible, you should report the fraud to the relevant authorities. The main government agency concerned with SSN theft and identity fraud is the Federal Trade Commission (FTC).

Here’s what to do:

• File an official identity theft report with the FTC at identitytheft.gov. The FTC’s online portal allows victims to self-report identity theft and stolen PII and receive an identity theft affidavit. This is an essential document to help you dispute fraudulent accounts and transactions or correct inaccurate information on credit reports.
• In some cases, you may need to file a police report with your local law enforcement agency. Contact local police if you have information that could lead to an arrest. Some creditors and financial institutions may require a police report to prove you were the victim of identity theft.

3. Get an identity protection PIN from the IRS

Identity Protection PINs (IP PINs) stop someone from filing tax returns by using your SSN or Individual Taxpayer Identification Number (ITIN). Only you and the IRS know your IP PIN, and it must be entered on every federal tax return.

If you’re a previous victim of tax-related identity theft and the IRS has fixed your tax issues, they will mail you a CP01A Notice with a new IP PIN to use each year. 

If you haven’t been the victim of identity theft, you can still request an IP PIN via your IRS.gov account or at your local Taxpayer Assistance Center (make sure to bring two government-issued identification documents to verify your identity).

4. Lock your SIM card and phone account

A leaked SSN is often attached to more personal data on the Dark Web — including your phone number, account passwords, and financial details.

Scammers use this information to convince your mobile phone provider to switch your account to a new SIM card that they control (called SIM swapping). This allows them to intercept your calls and texts as well as your two-factor authentication (2FA) codes.

In one recent case, a Florida woman lost $17,000 in a matter of hours after scammers gained access to her phone number and online bank account through a SIM swap scam.

📚 Related: How To Find Out If Your Information Is on the Dark Web →

5. Secure your most sensitive online accounts

After a breach, it’s a good idea to proactively update the login details for sensitive accounts, including your online banking, email, and social media accounts.

Best practices for account security include:

• Strong passwords: At a bare minimum, all accounts should use unique passwords that are at least 10 characters long and contain a combination of letters, numbers, and symbols.
• A password manager: Storing your passwords in a secure password manager gives you easy access to them (as you only need to remember your “master” password). Some password managers also warn you if your credentials have been leaked or are too weak.
• Multi-factor authentication (MFA/2FA): This secondary security measure requires a special code or biometrics (facial recognition, fingerprint, etc.) to access your accounts. With 2FA enabled, scammers can’t access your accounts with just your leaked passwords.
• An authenticator app: Apps such as Authy or Okta securely provide 2FA codes, preventing scammers from intercepting them with a SIM swap scam.

6. Self-lock your SSN through the SSA’s E-Verify service

The Social Security Administration (SSA) has an online tool that helps prevent scammers from using your SSN to gain illegal employment. The online E-Verify Self Lock service can warn potential employers that your SSN should not be used for employment.

You can access E-Verify via the SSA’s myE-Verify website. It’s a good idea to proactively create an E-Verify account to prevent scammers from opening one in your name.

Note: It’s important to understand the limitations of the SSA’s “SSN Lock.” This tool only prevents employment-related fraud. It can’t help prevent scammers from using your leaked SSN for other purposes.

7. Review your credit and bank statements for fraud

If your SSN has been compromised, you’ll want to keep close tabs on your financial accounts to ensure that fraudsters haven’t accessed them. Discrepancies on your credit reports could also be signs of synthetic identity fraud — when scammers create fake identities by using your real SSN along with fake information in order to get credit and apply for loans.

• Request free credit reports from AnnualCreditReport.com to check whether anyone has obtained unauthorized loans in your name.
• Monitor your bank accounts for suspicious transactions. A credit monitoring service can monitor your bank, credit, and investment accounts for you and notify you of any suspicious activity. 
• Be mindful of sudden changes in your credit score. This is a clear sign that someone is using your identity for credit fraud. Services like Aura can monitor your credit files and warn you of drops in your credit score.
• Contact the fraud department of your bank or credit card company to close compromised accounts and cards and issue new ones.

📚 Related: What Can Scammers Do With Your Bank Account Number?  →

8. Request your medical insurance documents

An often-overlooked danger of a leaked SSN is when fraudsters impersonate you to receive healthcare, order prescription drugs, or use up your medical insurance benefits. Medical identity theft can have dire consequences if a scammer receives healthcare in your name and corrupts your medical files.

If you’ve been the victim of a breach, request your Explanation of Benefits (EOB) from your health insurance provider. This document provides details of visits and treatments received. Look for anything unfamiliar, and follow up with your insurance provider.

Need help? The Centers for Medicare & Medicaid Services offers a guide on how to read an EOB.

9. Sign up for extended identity and SSN monitoring

If your SSN has been leaked, it’s likely only a matter of time before someone tries to use it. If you haven’t been a victim yet, you may still be in the future.

Identity theft protection services can monitor your SSN and other sensitive information, run regular Dark Web scans, and provide additional tools to help keep you safe from fraud and scams.

Aura has been rated #1 by numerous publications and tech reviewers, and received CNET’s 2025 Editor’s Choice Award for best overall service.

Aura combines award-winning identity theft protection with three-bureau credit monitoring, the industry’s fastest fraud alerts³, powerful antivirus software, device security, online privacy tools, 24/7 support, and up to $1 million in identity theft insurance for every adult on your plan.

Can You Change Your Social Security Number?

Only in very extreme cases will you be able to change your SSN — for example, if you’ve faced ongoing fraud or are at risk of physical harm or harassment.

However, most people shouldn’t attempt to change their SSNs. A new SSN can affect your earnings history and credit, making it more difficult down the line to apply for legal documents and passports. 

In most cases, you may be better off dealing with the fallout of SSN theft rather than trying to get a new SSN.

How To Keep Your Sensitive Information Off of the Dark Web 

Since it’s almost impossible to remove data once it’s been leaked to the Dark Web, prevention is the best way to protect yourself. 

Take these critical steps to keep your SSN private:

• Don’t carry your Social Security card with you. Also, shred documents that display your SSN as soon as you’ve reviewed them.
• Be selective about sharing your SSN. Never share your SSN on social media or in any other public forum. Avoid phishing scams by asking why someone needs your SSN and how it will be used. When in doubt, do not include it on an application form.
• Use a VPN when updating sensitive accounts. A virtual private network encrypts your data — stopping hackers from stealing your SSN as you apply for new accounts or file your taxes. It will also block spoofed websites designed to steal your credentials.
• Create a my Social Security account. Claiming your SSN at SSA.gov ensures that no one else can create an online account in your name — even if they have your number.
• Check your Social Security earnings record annually. Compare it to your W-2 and tax return. If you’ve created a my Social Security account, you’ll automatically get emails three months before your birthday each year reminding you to review your earnings.

Scammers do everything they can to access your accounts — and your Social Security number is one of their favorite targets. 

Sign up for a free, 14-day Aura trial to be alerted in near real-time if someone uses your SSN or if any unauthorized activity is detected on your financial accounts.