Thursday, March 6, 2003

Another good reason not to use Social Security numbers as UIDs

If this wasn't already apparent, a massive crack at UT Austin, potentially netting tens of thousands of personal identities, should make it obvious. It sounds like the system was so ill-monitored that the cracker was able to use an exhaustive attack on the SSN space. Anyone running systems like this is asking for massive liability for negligence.

Update: Yes, an exhaustive attack undoubtedly made easier by the coupling of the initial triplet of the SSN to the geography in which it was issued.
2:59:23 PM
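
The monitoring gap described above, as an added example that is not part of the original post: a sliding-window check that flags any source looking up many distinct identifiers with mostly failed results, which is what a sweep of an identifier space looks like in a lookup log. The log format, thresholds, addresses and identifier values are assumptions constructed for the illustration.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

def parse(line):
    """Parse 'ISO-timestamp source id result' (assumed, constructed log format)."""
    ts, src, ident, result = line.split()
    return datetime.fromisoformat(ts), src, ident, result == "hit"

def find_enumerators(lines, window=timedelta(minutes=5),
                     max_distinct=20, min_miss_ratio=0.8):
    """Return {source: (distinct_ids, miss_ratio)} for sources whose lookups
    inside any sliding window cover many distinct IDs and mostly miss."""
    recent = defaultdict(deque)   # source -> (ts, id, hit) records still in window
    flagged = {}
    for ts, src, ident, hit in sorted(map(parse, lines)):
        q = recent[src]
        q.append((ts, ident, hit))
        while ts - q[0][0] > window:          # expire records older than window
            q.popleft()
        distinct = len({i for _, i, _ in q})
        miss_ratio = sum(1 for _, _, h in q if not h) / len(q)
        if distinct > max_distinct and miss_ratio >= min_miss_ratio:
            if distinct > flagged.get(src, (0, 0.0))[0]:   # keep the worst window
                flagged[src] = (distinct, round(miss_ratio, 2))
    return flagged

def sample_log():
    """Constructed sample: one ordinary user and one source sweeping IDs."""
    base = datetime(2003, 3, 1, 9, 0, 0)
    lines = []
    for n in range(5):    # clerk: a few lookups spread over an hour, all valid
        t = (base + timedelta(minutes=12 * n)).isoformat()
        lines.append(f"{t} 10.0.0.7 000-00-{1000 + 37 * n:04d} hit")
    for n in range(60):   # sweep: one lookup per second over consecutive values
        t = (base + timedelta(seconds=n)).isoformat()
        result = "hit" if n % 20 == 0 else "miss"
        lines.append(f"{t} 10.0.0.99 000-00-{2000 + n:04d} {result}")
    return lines

if __name__ == "__main__":
    for src, (count, ratio) in find_enumerators(sample_log()).items():
        print(f"{src}: {count} distinct IDs in window, miss ratio {ratio}")
```
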