Identity theft in the United States

From Wikipedia, the free encyclopedia
Jump to: navigation, search

Identity theft in the United States was estimated to be responsible for financial losses of $24.7 billion in 2012 by a United States Department of Justice study — about double the $14 billion total of other property crimes. Analysts at Javelin Strategy & Research estimated that 1 in 3 Americans affected by a data breach ended up a victim of fraud in 2013 — up from 1 in 9 in 2010. According to their surveys, when an existing credit card is exposed and then used for fraud, the average loss is $1,251. When a Social Security number is exposed and then used to open new accounts, the average loss is $2,330.[1] Javelin says that the number of identity theft victims jumped to 13.1 million in 2013, an increase of 500,000 from 2012 and the second highest number of victims since Javelin began conducting its annual study in 2004.[2]

Identity theft is blamed for $4 trillion of fraudulent tax refunds by the Internal Revenue Service (IRS)[3] and 770,000 taxpayers have been the victims of tax identity theft by 2013.[4]

Data breaches[edit]

The Identity Theft Resource Center said there were 662 data breaches in the United States in 2010, almost a 33% increase from the previous year.[5]

On May 5, 2011, Michaels, a craft store chain, sent an email alert to its customers revealing that its debit card terminals in 20 states had been compromised. Customers who made PIN-based purchases between February 8 and May 6, 2011 may have had their data exposed.[6] A class action lawsuit was filed against Michaels in the County Court of Passaic, New Jersey over the incident.[7] On January 25, 2014, Michaels warned of a possible second hacking of its customers' data and urged shoppers to keep an eye on their card statements for fraudulent activity.[8] On April 17, 2014, Michaels confirmed a security breach at some of Michaels' stores and subsidiary Aaron Brothers from May 8, 2013 to February 27, 2014.[9]

Between July and September 2011, a $13 million scam resulted in the arrest of 111 people. The scammers used skimming devices to swipe consumer credit card information at retail or food establishments. According to the Federal Trade Commission losses from identity theft in the United States cost about $1.52 billion in 2011. It is estimated that the IRS gave identity thieves $5 billion in refunds. [10]

In 2012, about 40 million sets of payment card information were compromised by a hack of Adobe Systems.[11]

On February 15, 2013, Rep. Debbie Wasserman Schultz (D, FL-23) introduced the Stopping Tax Offenders and Prosecuting Identity Theft Act of 2013 (H.R. 744; 113th Congress) into the United States House of Representatives.[12] The bill would increase the penalties on identity thieves in the United States and change the definition of identity theft to include businesses and organizations instead of just individuals.[13]

Large U.S. corporations, such as Target Corporation, Home Depot, Neiman Marcus and Barnes & Noble, have been in the news after their credit card system was hacked.[14] In 2014, a malware intrusion at Staples resulted in a credit card breach. 119 stores were impacted between April and September 2014, and 1.16 million customer credit and debit cards may have been stolen.[15]

In October 2014 President Barack Obama announced that debit cards that transmit federal benefits like Social Security to Americans will be equipped with a security chip replacing the magnetic strip. The U.S. government will also apply the security chips and personal identification numbers (PIN), to replace signatures of all government credit cards. The measure is expected to reduce fraud. USA Today reported that an estimated 100 million people having been affected by breaches in 2014.[16]

In November 2014, Sony Pictures Entertainment suffered a data breach.[17] On December 18, 2014 employees of Sony have filed a class action lawsuit against their employer claiming that Sony failed to take necessary actions to secure its employees personal information.[18] The lawsuit was filed in U.S. District Court for the Central District of California .[19]

In 2015 there were 781 recorded data breaches in the United States, which compromised the security of over 169 million records.[20] The frequency and severity of data breaches has led forty-seven states to pass security breach notification laws,[21] to ensure that citizens are notified in a timely manner when their records have been exposed.

Medical identity theft in the United States[edit]

On February 5, 2015 The New York Times reported that 80 million identities may have been compromised when hackers broke into the web site of Anthem Inc.’s, the second-largest health insurance company in the United States. According to this report security specialists say that health care companies are not doing enough to protect their data. On February 6, 2015 the Times reported that medical identify theft is more lucrative than credit card theft. At one black-market auction a patient medical record sold for $251, while credit card records sold for 33 cents.[22][23][24]

See also[edit]


  1. ^ "Pain of identity theft on victim is palpable". Retrieved 23 September 2016. 
  2. ^ "Identity fraud hits new victim every two seconds". CNN. February 6, 2014. 
  3. ^ "IRS refunded $4 billion to identity thieves last year, inspector general's report says". CBS News. November 7, 2013. 
  4. ^ "IRS Combats Identity Theft and Refund Fraud on Many Fronts". Retrieved 23 September 2016. 
  5. ^ "ID theft, data breaches jumped 33 percent in 2010". NBC News. 5 January 2011. Retrieved 23 September 2016. 
  6. ^ McClatchy News Service (May 14, 2011). "Michaels investigates customer data breach, replaces debit pads". Mail Tribune. Retrieved August 7, 2011. 
  7. ^ Fry, Chris (July 14, 2011). "Class Slams Michaels for Data Breach". Courthouse News Service. Retrieved August 7, 2011. 
  8. ^ "Craft Retailer Michaels Warns of Possible Hacking". Thomson/Reuters. Retrieved 25 January 2014. 
  9. ^ "AG - Security Breaches - Target, Neiman Marcus, and Michaels". Retrieved 23 September 2016. 
  10. ^ "Couple Of Thieves: Man And Wife Duo Plead Guilty To Largest Identity Theft Case In U.S. History". Huffington Post. August 7, 2012. 
  11. ^ Skimming Off the Top; Why America has such a hiugh rate of payment-card fraud, 15 February 2014, The Economist
  12. ^ "H.R. 744 - All Actions". United States Congress. Retrieved 8 September 2014. 
  13. ^ "South Florida Reps File Bills To Crackdown On Identity Theft". CBS Local - Miami. 15 April 2013. Retrieved 8 September 2014. 
  14. ^ Harris, Andrew M (December 11, 2014). "Target Hack Victims May Have U.S. to Blame For Losing Out". Bloomberg. 
  15. ^ "Staples: 6-Month Breach, 1.16 Million Cards — Krebs on Security". 2014-12-19. Retrieved 2016-09-25. 
  16. ^ Gordon, Marcy; Lederman, Josh (October 17, 2014). "Obama announces plan to tighten card security". USA Today. 
  17. ^ "Sony Pictures Hack: How to Avoid Identity Theft". 3 December 2014. Retrieved 23 September 2016. 
  18. ^ Peterson, Andrea (December 19, 2014). "Lawsuits against Sony Pictures could test employer responsibility for data breaches". The Washington Post. 
  19. ^ "Sony Faces Employee Data Breach Class Action Lawsuit". Retrieved 23 September 2016. 
  20. ^ "P2PE: Point to Point Encryption for PCI Compliant Payments". Bluefin Payment Systems. Retrieved 2016-02-02. 
  21. ^ "Security Breach Notification Laws". Retrieved 2016-02-02. 
  22. ^ "Anthem Hacking Points to Security Vulnerability of Health Care Industry". The New York Times. 6 February 2015. Retrieved 23 September 2016. 
  23. ^ "Data Breach at Anthem May Forecast a Trend". The New York Times. 7 February 2015. Retrieved 23 September 2016. 
  24. ^ "Massive breach at health care company Anthem Inc.". Retrieved 23 September 2016. 

External links[edit]