PDFs that contain social security numbers that are being emailed as an attachment are not being detected or blocked.
The SSNs are typed into input (fill-in) fields in the PDF.

HTTP or HTTPS uploads of the same PDF are also not blocked.

Release: 15.8 but can affect any version.

To reduce false positives, the policy has a keyword exception for the number "999999999".
The PDF form has that number as a sample bank routing number.
So the exception fired causing the policy to not block the transfer of the file.
After that keyword was removed, the policy did block the file from being transferred.

Another issue is that one of the lines in the form has you enter each digit of the SSN into a separate field.
These nine separate digits (example: 2 1 2 5 4 7 8 3 6) will not be recognized as an SSN by our detection engine.