OMG. This is a straightforward simple thing to fix. I swear they have to be putting something in the water. The problem is not the social security number, the problem is random business entities storing them in their databases! They don't need to replace SS numbers, they need to make it illegal for businesses to database them. Businesses should be forced to use a standardised cryptographic hash function to store them like the new sha-3. Then when business needs to look you up, you give them your SS number they enter it in the system which creates the same sha-3 hash, the hash is then used to look you up on the database. What is so difficult about that. A mediocre programmer could write an app, in just a few minutes to convert each SS record in a database to the sha-3 hash and the app on the customer service side to create the hash from your SS number is Freeware!!
Indeed, because they have now proven they are sorely inadequate of protecting any of it. In fact I agree they should make it illegal for businesses to store what they are incapable of securing but this is now a genie well out of the bottle.
Even more secure, hash the name and social security number together, then no database record would be identifiable on the database until that individual needs a credit check. Credit check person enters your name and SS number into their application on their terminal, it creates the hash and the hash is the key used to pull up your record on their database.
Its not, they are just retarded. Equifax should be ordered to notify everyone that was affected, and they should be generated a new SS number and Equifax should have to pay for it. Then do what I said in my other posts If I was president there would not be any of this, "well its harder than we thought" BS. I would be getting it fixed already.
Some lids are just not designed to be put back on. I don't think what they should do and what they want to do are one and the same.