A more more direct anecdote: I just got a replacement social security card by mail. All it took to do it online was information from my credit report.
Thanks to this breach, the only defense against someone getting my social security card fraudulently is that it has to be mailed to my current address.
You can put a credit freeze on you file in major credit bureaus - this way their website would not be able to verify answers on security questions and deny login.
Brian Krebs did a good article on the process placing a freeze on your file [1]
Thanks to this breach, the only defense against someone getting my social security card fraudulently is that it has to be mailed to my current address.