What really needs to be done is to put in place a system to eliminate the SSN altogether. If it hasn't been exposed by now, it eventually will be. It's too late to secure this archaic ID.I propose a public/private rolling key. You provide a "new" SSN to a requestor. Then you would take both that SSN and your private PIN (which you can change) to generate a new SSN to provide for the next requestor. It doesn't guarantee your info wouldn't be lost, but you would be in control of it and would be able to track down who leaked it.
Nobody trades equifax shares in that large of margins mere three days after a massive breech only to wait 40 days before actually reporting it. The three executives in question should be tried and convicted to the strictest of standard. Preferably life in prison as there are far more that get away with ruining our economy on the pretext of personal gain.