People who used their employee identification number instead of their Social Security number are not at risk.
Social Security Numbers are convenient personal identifiers for American citizens since they are more unique than full names. However SSNs are supposedly secret numbers (like credit card numbers) so systems and processes should avoid using them unless it is essential (i.e. for social security-related purposes). Systems that have to use SSNs for some reason need appropriate security measures including strong system and data access controls with encryption.
US public bodies have been known to post official documents containing SSNs online.
It seems to me the real problem with SSNs is their use for authentication as well as identification of individuals. Biometrics would make much better authenticators, and we'll be covering biometrics in next month's NoticeBored security awareness module. Watch this space.