Login:
Password:
Lost Password?
Print this article  |  E-mail this article  |  Comment on this article

Study: ID Theft from Data Breaches Rare

By Ed Oswald, BetaNews

December 9, 2005, 12:12 PM

Detailed analysis of four separate data breaches involving a half-million identities indicates that misuse of the information could be lower than what some may expect. Identity risk management firm ID Analytics announced the results of the findings on Thursday.

Research suggests the level of the breach and how the data was lost contribute to the risk factor. For example, the firm separated the incidents into two categories, "identity-level," where names and social security numbers were stolen, and "account-level," where account numbers were stolen, occasionally tied to accountholders.

The study found that identity-level breaches pose the greatest risk. However, even here less than 1 in 1,000 identities were used for fraudulent purposes.

Fraud experts with the firm surmised that the reason for the low rate of misuse is likely due to the amount of time it takes to actually commit identity theft. Credit applications take an average of five minutes to fill out, and in order to fully utilize a file with one million identities it could take a half-century to do so, researchers say.

ID Analytics also suggested that notification of breaches seemed to slow use of that data for the purposes of identity theft. In any case, the firm says the study will help companies figure out how to best deal with the problem, and who is most at risk.

"The risk to consumers and businesses varies considerably based on the type and scope of the data breach, which is why we think assessing the degree of risk for a given breach is critical to determining the best next steps," said Mike Cook, ID Analytics' co-founder and vice president of product.

"The good news is not only that we have technology that can measure the risk of a breach, but that we can actually distinguish which sets of breached data are actively being used to commit fraud."

Add a Comment (3 Comments)

BetaNews reserves the right to remove any comment at any time for any reason. Please keep your responses appropriate and on topic. Foul language and personal attacks will not be tolerated.

Name (required):

E-mail (required):

Enter Your Comment:

By bisquik

posted Dec 12, 2005 - 2:52 PM

It's becoming more accepted that the internet/online shopping isn't the big culprit in ID/CC theft. I first heard this on NPR and then on 20/20 not too long ago. Think of it - if your CC# is stolen/misused, the first thing you think of is some internet transaction you made. Well, why not think about the hundreds of times you've used your card to buy gas, groceries or food at a restaurant? After all, at a restaurant you give your CC to the waiter and he disappears for 10 minutes! What happens during that time? ALOT COULD happen - he could have a cardreader in the back, or just simply write down all the information on the card. Theft is probably alot more complicated than this, but I have more confidence in shopping online (on my own PC mind you) than handing my CC to a stranger.

Score: 0

By aaqm358

edited Dec 9, 2005 - 10:19 PM

While I haven't had my identity used (yet) when stolen, my credit card number sure were. I've had CCs stolen three times from venders with on-line servers. Why go to all the trouble setting up new cards and credit lines, when the victim's are waiting for use.

Score: 0

By bourgeoisdude

posted Dec 9, 2005 - 1:01 PM

Finally some good news about this for a change. I'm still only sparingly using the web for buying things, and only when the website allows me to disable cookies on it when I make the purchase.

Score: 0

Sep 5 - 8:44 PM ET Mozilla's Aza Raskin: The journey back to Ubiquity

Sep 5 - 7:10 PM ET Red Hat buys virtualization specialist Qumranet

Sep 5 - 7:06 PM ET Analysts: Online news viewers rising as newspaper readership falls

Sep 5 - 6:55 PM ET Where does Sarah Palin stand on technology issues?

Sep 5 - 6:51 PM ET Adobe Flash to deliver NFL games in full

Sep 5 - 4:29 PM ET Exclusive beta invitation from GameTap and BetaNews

Sep 5 - 4:09 PM ET Report: OLPC buy one, give one deal returns

Sep 5 - 3:45 PM ET No ruling yet in TiVo vs. EchoStar patent case

Sep 5 - 3:37 PM ET Google Analytics starts tracking Chrome, with intriguing results

Sep 5 - 2:14 PM ET Comcast challenges FCC's authority in sanction appeal