Nondigital, analog theft is main driver in identity theft

Although identity theft is frequently associated with mega-data breaches such as the Target breach in 2013, new research from the Center for Identity at The University of Texas at Austin has found that old-fashioned "analog" theft is the major driver in identity-related crimes.

The findings, detailed in the newly released "2017 Identity Theft Assessment and Prediction Report," shed light on the criminal processes behind identity theft. The report found that approximately 50 percent of identity theft incidents analyzed between 2006 and 2016 resulted from criminals exploiting nondigital vulnerabilities, such as empty prescription drug bottles or sensitive paper documents. In other words, vulnerabilities caused by human error are often used by identity theft fraudsters.

The report also found that despite the attention high-profile nationwide data breaches receive, the majority of identity theft cases – 99 percent – were confined to a local geographical area, smaller businesses or certain victim profiles. Additionally, the research found that "insider threat" played a role in 34 percent of cases, meaning employees of companies or family members of individuals had a role in one-third of identity theft cases analyzed.

"These new findings leave no doubt that criminals are taking advantage of nondigital vulnerabilities to cause significant financial, reputational and emotional distress for their victims and the organizations who hold their personally identifiable information," said Suzanne Barber, director of the Center for Identity. "Protection of sensitive personal identifiable information requires diligence across what we call the 'ID360 of identity' encompassing the technology, processes and people accessing, storing and using these valuable identity assets."

The report was developed by the Identity Center's Theft Assessment and Prediction project in conjunction with several industry partners. The analysis included statistics from more than 5,000 cases of identity theft and other identity-related crimes that were recorded throughout the 16 critical infrastructure sectors of the Department of Homeland Security.

Additionally, the research showed that identity theft reached across all consumer sectors, with the top five most affected being consumer/citizen, health care and public health, government facility, education and financial services.

"The data show that no market sector is safe from the threat of identity theft," Barber said. "The overall findings provide more clarity on these issues and dispel widely reported misinformation about them. The general public and organizations of all types would be well served to educate themselves so that they may better protect against these pervasive hazards."

Explore further: Medical identity theft incidents increasing

More information: Identity Threat and Assessment Prediction (ITAP): identity.utexas.edu/research-projects/identity-threat-and-assessment-prediction-itap