Data Breaches Not the Leading Cause of Consumer ID Fraud: Javelin
Monday, 30 October 2006
Incorrect beliefs about the way consumer data breaches have an impact on identity fraud may lead to ineffective actions taken by consumers, according to a recent report published by Javelin Strategy & Research. The misunderstandings may also lead to flawed protective measures taken by corporations as well as state and local governments.
The report, which is titled “Data Breaches and Identity Fraud: Misunderstanding Could Fail Consumers and Burden Businesses,” is the first-ever nationally representative report that shows the true known relationship between data breaches and actual occurrences of identity fraud, according to Javelin.
The report said that public notifications of breaches reached into the tens of millions last year, but identity fraud only increased four percent. The large number of data breaches and the publicity they have received has created the incorrect assumption that fraud resulting from data breaches is prevalent, the report said.
The Javelin report indicated that the known leading causes of ID fraud are lost or stolen wallets, checkbooks and credit cards, which account for 30 percent of ID fraud. Other known leading causes include information stolen by friends, acquaintances, relatives or corrupt employees.
“Governments and corporations must ensure that their data breach ‘cures’ do not cause more problems than the breach,” said James Van Dyke, president of Javelin Strategy Research. “Consumers should remain highly vigilant about other causes such as lost personal information and acquaintances who snoop.”
Key Findings of the Javelin Report
· 30 percent of consumers were victims of a data breach during the 12-month study.
· Less than 1 percent of those whose data was lost were actually victims of identity fraud.
· Data breaches were responsible for only 6 percent of all known cases of identity fraud in both new and existing accounts.
· National legislation could saddle businesses with costly and unnecessary burdens and distract consumers with advice that will do nothing to protect them from identity fraud.
· National legislation is needed to set uniform national standards for consumer notice of data breaches.
· Legislation must be based on a complete understanding of the threats and not on overreactions to the issue.
“When you compare the public attention that data breaches receive to other causes of ID theft, consumers are being misdirected on how to set overall priorities for guarding against identity fraud,” Van Dyke said. “It is clear that there are other areas of exposure that carry a far greater overall risk. Consumers should be empowered with awareness of all the causes so they can take appropriate steps to prevent ID fraud.”
"The study is important because knowing how identity fraud can happen will help consumers protect themselves against this devastating crime," said Anne Wallace, executive director of the Identity Theft Assistance Center (ITAC).