2013 Identity Fraud Report: Data Breaches Becoming a Treasure Trove for Fraudsters

Identity fraud incidence increased in 2012 for the second consecutive year, affecting 5.26% of U.S. adults. This increase was driven by dramatic jumps in the two most severe fraud types, new account fraud (NAF) and account takeover fraud (ATF). Javelin’s “2013 Identity Fraud Report” provides a comprehensive analysis of fraud trends in the context of a changing technological and regulatory environment in order to inform consumers, financial institutions, and businesses on the most effective means of fraud prevention, detection, and resolution. This year, Javelin conducted a thorough exploration of the relationship between the compromise of personal information in a data breach and fraud incidence. This report also expounds current trends in online retail fraud and familiar fraud, and implicates key factors in victims’ susceptibility and responses to fraud.

The survey was made possible in part by CitiGroup Inc. and Intersections LLC.  To preserve the project’s independence and objectivity, the sponsors of this project were not involved in the tabulation, analysis, or reporting of final results.

​Selected Key Findings

• Identity fraud incidents and amount stolen increased—The number of identity fraud incidents increased by one million more consumers over the past year, and the dollar amount stolen increased to $21 billion, a three-year high but still significantly lower than the all-time high of $47 billion in 2004. This equates to 1 incident of identity fraud every 3 seconds.
• 1 in 4 data breach notification recipients became a victim of identity fraud—This year, almost 1 in 4 consumers that received a data breach letter became a victim of identity fraud, which is the highest rate since 2010. This underscores the need for consumers to take all notifications seriously. Not all breaches are created equal. The study found consumers who had their Social Security number compromised in a data breach were 5 times more likely to be a fraud victim than an average consumer.
• Fraudsters misuse information fewer days than before—Consumer information was misused for an average of 48 days in 2012, down from 55 days in 2011 and 95 days in 2010. Misuse time was down for all types of fraud including fraud on cards, loans, bank accounts, mobile phone bills and other types of fraud due to consumer and industry action.  More than 50 percent of victims were actively detecting fraud using financial alerts, credit monitoring or identity protection services and by monitoring their accounts.
• Small retailers are losing out—Fraud victims are more selective where they shop after an incident, and small businesses were the most dramatically impacted. The study found that 15 percent of all fraud victims decided to change behaviors and avoid smaller online merchants. This is a much greater percentage than those that avoid gaming sites or larger retailers.

Companies Mentioned

Amazon

MasterCard

American Express

McAfee

Apple

Microsoft

Discover

PayPal

EBay

Target

Europay

Trend Micro

Facebook

Visa

Global Payments

Wal-Mart

Google

Zappo’s

Macy’s

“2013 Identify Fraud Report” data was gathered by a survey of a representative sample of 5,249 U.S. adults, including 857 consumers who were fraud victims in the past six years. This report has been issued as a longitudinal update to the Javelin 2005, 2006, 2007, 2008, 2009, 2010, 2011 and 2012 identity fraud reports, and the Federal Trade Commission’s “2003 Identity Theft Survey” report.