The number of identity fraud incidents increased by one million more consumers over the past year, and the dollar amount stolen increased to $21 billion, a three-year high, according to a Javelin survey. This equates to 1 incident of identity fraud every 3 seconds.
And of the 16 million people affected by data breaches in 2012, more than 25% of those went on to suffer from identity theft, the survey says. Put another way, 1 in 4 consumers who received notification about a data breach ultimately became a victim of identity fraud, which is the highest rate since 2010. (Perhaps more shocking: consider the scores of identity-theft victims who have yet to be identified or won’t find out their identity has been compromised for years, especially children!)
The security firm also says those who had their Social Security number stolen were five times more likely to suffer identity theft. The highest rates of fraud were in the retail, financial, and healthcare sectors.
Indeed, the latest issue of AARP Bulletin recommends consumers be sparing with data. The article recommends the following: “If you’re asked on an application to provide your Social Security number, ask why. It may not really be needed. It’s always safest not to store financial account information online for bill paying.”
Data breaches give criminals the fuel they need to execute various fraud schemes, and these crimes have crippling consequences.
“Identifying and protecting the sensitive information typically stored by these industries is essential for mitigating the risk of a data breach and, therefore, the risk of financial loss to data custodians, consumers, and third-party businesses,” said Al Pascual, senior analyst of security, risk and fraud at Javelin.
Fear the Cloud?
Protecting sensitive information is the ideal, but how is this possible in our increasingly paper-less environment? Healthcare breaches, in particular, are continuing to skyrocket with tablet-toting physicians, cloud-based medical records, and Healthcare.gov’s admitted lack of security. How can you work to keep your sensitive medical information private when hospitals themselves aren’t understanding encryption issues and related privacy concerns?
Likewise, how do retailers and banks protect your credit card and personal information if you do a lot of business online? In its 2013 Data Breach Investigations Report, Verizon Enterprise reports that 74% of data breaches to small businesses are “crimes of opportunity” because a hacker noticed a weakness and exploited it. How can you be sure that employees you entrust with your sensitive information truly understand data security protocol? But what about the big companies — think AT&T, LinkedIn, Yahoo!, Amazon, and the like — what are they doing to encrypt your information? The Electronic Frontier Foundation has come out with an eye-opening chart.
Check it out and then join our conversation on Facebook and let us know what you think!