It’s not. Often the SSN alone is used for identification, which is why it’s such a big deal if it leaks somewhere. And random companies can use it as well afaik, increasing the odds that it leaks online.
sites.psu.edu/…/rcl4-advertising-gone-wrong/Here’s an interesting article about a CEO of a company specialising in identity protection being so confident in his services, that he printed his actual SSN in an advertisement.
He had his identity stolen 13 times shortly afterwards.