Good Ol' Fashion Theft Biggest Threat to Consumer Data

By Allen Bernard

(Back to article)

Even though data breaches get all the headlines and cause fear among consumers, they are not the most common means for criminals to glean identity data.

These incorrect beliefs about the way consumer data breaches have an impact on identity fraud may lead to ineffective actions taken by consumers, companies, and government, according to a report published Tuesday by Javelin Strategy & Research.

The report, Data Breaches and Identity Fraud: Misunderstanding Could Fail Consumers and Burden Businesses, indicates the known leading causes of ID fraud are lost or stolen wallets, checkbooks and credit cards, which account for 30% of ID fraud.

Other known leading causes include information stolen by friends, acquaintances, relatives or corrupt employees.

According to the report, public notifications of breaches reached into the tens of millions last year, but identity fraud only increased four percent. The large number of data breaches and the publicity they have received has created the incorrect assumption that fraud resulting from data breaches is prevalent.

"Governments and corporations must ensure that their data breach 'cures' do not cause more problems than the breach," said James Van Dyke, president of Javelin Strategy & Research, in a statement. "Consumers should remain highly vigilant about other causes such as lost personal information and acquaintances who snoop."

Key findings of the report include:

  • 30% of consumers were victims of a data breach during the 12-month study.

  • Less than one percent of those whose data was lost were actually victims of identity fraud.

  • Data breaches were responsible for only six percent of all known cases of identity fraud in both new and existing accounts.

  • National legislation could saddle businesses with costly and unnecessary burdens and distract consumers with advice that will do nothing to protect them from identity fraud.

  • National legislation is needed to set uniform national standards for consumer notice of data breaches.

  • Legislation must be based on a complete understanding of the threats and not on overreactions to the issue.

    "Only 0.8% of data breaches have led to fraud," said Mary Monahan, an editor and analyst at Javelin. "For the consumer education is No.1, and we have to keep their attention focused on those areas that will best protect against ID fraud. While corporations have to protect consumer's data, that's a given. If we don't self police the industry we are going to be policed more by legislation."