While identity theft is frequently associated with mega-data breaches such as the Target breach last year, new research from the Center for Identity at The University of Texas at Austin has found it is old-fashioned “analog” theft that is the major driver in identity-related crimes.
The findings, detailed in the newly released 2017 Identity Theft Assessment and Prediction Report, shed light on the criminal processes behind identity theft. The report concludes that approximately 50 percent of identity theft incidents analyzed between 2006 and 2016 resulted from the exploit of non-digital vulnerabilities targeted by criminals, such as empty prescription drug bottles or sensitive paper documents. In other words, vulnerabilities caused by human error are often times exploited by fraudsters.
The report also found that despite the attention high-profile nationwide data breaches receive, the majority of identity theft cases – 99 percent – were confined to a local geographical area, smaller businesses or certain victim profiles. Additionally, the research found the “insider threat” played a role in 34 percent of cases, meaning employees of companies or family members of individuals had a role in one-third of identity theft cases analyzed.
“These new findings leave no doubt that criminals are taking advantage of non-digital vulnerabilities to cause significant financial, reputational, and emotional distress for their victims and the organizations who hold their personally identifiable information,” said Suzanne Barber, director of the Center for Identity. Therefore, continues Dr. Barber, “protection of sensitive personal identifiable information requires diligence across what the Center calls the "ID360 of identity” encompassing the technology, processes and people accessing, storing and using these valuable identity assets.
The report was developed by the Identity Center’s Theft Assessment and Prediction project in conjunction with a number of industry partners. The analysis included statistics from more than 5,000 cases of identity theft and other identity-related crimes that were recorded throughout the 16 critical infrastructure sectors of the Department of Homeland Security.
Additionally, the research showed that identity theft reached across all consumer sectors, with the top five most affected being consumer/citizen, healthcare and public health, government facility, education and financial services.
“The data shows that no market sector is safe from the threat of identity theft,” Barber said. “The overall findings provide more clarity on these issues and dispel widely reported misinformation about them. The general public and organizations of all types would be well served to educate themselves so that they may better protect against these pervasive hazards.”