Back when identity theft was mainly credit card fraud and a 100,000-record leak was a big deal — the good old days, around 2004 — my hacker friends and I would sit around and brainstorm ways to slow down what some were calling the fastest-growing crime of the century.

One method came up again and again: Someone should steal the entire database of Social Security numbers and publish it online. (No one tried — that would be a crime!) Why do something so crazy? Once and for all, it would eliminate the fantasy that a Social Security number is both a unique identifier and a secret to be used as an authenticator.

Consumers are asked for their Social Security number perhaps dozens of times each year: by banks, by utility companies, by their health care providers, by government agencies, even by websites. Every time the number is given, the odds go up that it will fall into the wrong hands. Still, America’s identification system relies on the fantasy that these nine digits are a secret. Publication of the full Social Security number list would shatter that fantasy and force the banking industry to invent new and genuinely effective ways to protect consumers from identity thieves.

It seems that has finally occurred. The Equifax credit-reporting agency is being terribly, dangerously vague about its stunning loss of “potentially” 143 million Social Security numbers. The data belong to roughly three-quarters of Americans with a credit report. Might as well be everyone.