Data Breaches as Risk Factors for Identity Theft and Fraud

• In Event: Identity Theft & (Tele)Fraud

Abstract

In 2021 and 2022, over 2.6 billion personal information were breached. In 2021, an estimated 23.9 million persons in the U.S. reported being victims of identity theft during the past year (NCVS Identity Theft Supplement 2021). Data breaches and identity theft are becoming frequent as the Internet and technology become part of our lives. Data has become a target for cybercriminals, who sell or use stolen data for other types of cybercrime, such as identity theft and fraud. As such, organizations must notify impacted individuals when a breach is likely to result in higher risks. Using data from the National Crime Victimization Survey – Identity Theft Supplement 2021 (n = 63978), this study explores 1) the risk of data breaches on identity theft victimization and 2) the effects of protective measures against identity theft, such as shredding documents, frequently changing passwords, and using security software. Results show that individuals who have received a data breach notification will likely be victims of identity theft and fraud. Shredding documents with personal information and frequently checking credit reports are predictors of being less likely to be a victim of identity theft and fraud. Policy implications on data breaches and cybersecurity are discussed in detail.

Author

• Vivian Guetler, University of Northern Colorado