Years ago Social Security was the ONLY legal use for a SSN. Now it's college ID, driver's license, medical insurance, car insurance, credit card, home and car rentals, loans, even application for a supermarket discount card. ... etc etc etc. Far more chance (certainty) for exposure. In the electronic world where often the customer and service provider never personally meet, the situation gets even worse. A leak is forever (unlike a credit card number which can be cancelled).
Of course, many people may not even have documentation of their SSN, and if they do it's a simple little paper card which is easily counterfeited. When people don't have convenient proof of ID, especially over electronic media, the next step is personal questions. That's why a compromised social media account password sells for more than a credit card info.
The real world consequences are risky because only a single leak provides complete failure, even if the other 99% of the agencies you deal with are secure. Regardless of one's position on immigration issues, it is a fact that stolen identities are sold for medical and social services. There have been many cases of people who found out that they have recently had medical services paid by their insurance company, or that they've applied for government benefits. Even personal contact doesn't always help, one person posted his story of being admitted to the hospital only to find out 'he had been treated there' only a month ago.
This situation will continue to deteriorate and there is no real way around it. There is no real identity mechanism in this country especially for older folks like myself. Fortunately I got my passport 35 years ago, because my birth certificate was a primitive typed document that wouldn't even be accepted now.
-- FORTRAN manual for Xerox Computers --