The problem, in this particular case, is that the Social Security number was never designed to be a secure identifier. It was designed just to disambiguate "John Smith" of 10th St, MyTown, form "John Smith" of 12th St., MyTown. By assigning an account number to each covered worker, they could easily do this.
Unfortunately, since the 1950's, the SSN has been massively misused. Some people believe it uniquely identifies an individual, but the reality is that it does not. Both the Social Security Administration and the Internal Revenue Service use the SSN plus part of the person's name to uniquely identify an individual. Also, many schools, courts, local governments and the US Military used the SSN as an ID number, frequently PUBLISHING it in various documents, many of which are now available on-line.
We need to get back to the basic use - identifying a person to the Federal government. All other uses should be outlawed, with significant penalties imposed. Absolutely FORBID financial institutions from using the SSN for any purpose other than IRS filings.[p]I believe this is the only way to prevent the SSN from being further misused.