Well Below A+ For Social Security

From a recent audit report by Social Security Office of Inspector General:

Our objective was to determine the extent to which publication of the Death Master File (DMF) results in a breach of personally identifiable information (PII). ...

Since January 2004, SSA's publication of the DMF has resulted in the breach of PII for more than 20,000 living individuals erroneously listed as deceased on the DMF. SSA made these individuals' SSNs; first, middle, and last names; dates of birth and death; and State and zip codes of last known residences available to users of the DMF before learning they were not actually deceased. SSA attempted to retract these disclosures by deleting the individuals' information from the DMF. While these deletion transactions prevented the PII from being included in subsequent versions of the DMF, the deletions had no effect on the PII previously made available to DMF subscribers. In some instances, these individuals' PII remained available at the time of our audit for free viewing on the Internet. Public disclosure of living individuals' PII increases the opportunity for identity theft and subjects SSA to criticism from the affected individuals, the public and Congress and could subject SSA to legal action.