31 August 2015

Data breach hype is misleading consumers - study

14 September 2006  |  10239 views  |  0 Digital Abstarct

Despite the hype, data breaches were responsible for only six per cent of all known cases of ID fraud in both new and existing accounts over the past year, according to a US study by Javelin Strategy and Research.

But publicity surrounding recent high profile data breaches has created the wrong assumption among consumers that security breaches are the leading cause of ID fraud, says Javelin.

The research - which looks at the relationship between data breaches and actual occurrences of ID fraud - found that public notifications of breaches reached into the tens of millions last year, but identity fraud only increased four per cent.

The study found that the known leading causes of ID fraud were found to be lost or stolen wallets, cheque books and credit cards, which account for 30% of ID fraud. Other causes include data stolen by friends, acquaintances, relatives or corrupt employees.

Around a third (30%) of consumers were victims of a data breach during the 12-month Javelin study, but data breaches were responsible for only six per cent of all known cases of ID fraud in both new and existing accounts. Less than one per cent of those whose data was lost were actually victims of identity fraud.

"When you compare the public attention that data breaches receive to other causes of ID theft, consumers are being misdirected on how to set overall priorities for guarding against identity fraud," says James Van Dyke, president of Javelin Strategy and Research. "It is clear that there are other areas of exposure that carry a far greater overall risk. Consumers should be empowered with awareness of all the causes so they can take appropriate steps to prevent ID fraud."

Javelin argues that national legislation could saddle businesses with costly and unnecessary burdens and distract consumers with unnecessary advice. But the consultancy accepts that laws are needed to set uniform national standards for consumer notice of data breaches.

Earlier this year a US House Committee approved a new data security law that requires companies that store confidential personal information to notify customers of any security breach.

In July US regulators called for the introduction of new rules that will require all banks to develop an identity theft prevention programme for customers that includes "red flags" to signal a possible risk of ID theft.

Comments: (0)

Comment on this story (membership required)
Log in to receive notifications when someone posts a comment

Finextra news in your inbox

For Finextra's free daily newsletter, breaking news flashes and weekly jobs board, sign up now.

Related blogs

Create a blog about this story (membership required)

Related stories

11 September, 2006
25 August, 2006
18 August, 2006
13 June, 2006
02 June, 2006
31 March, 2006
10 March, 2006
07 March, 2006
24 February, 2006
16 February, 2006
19 September, 2005

Top topics

Most viewed Most shared
Android Pay could launch this week
6610 views comments | 26 tweets | 22 linkedin
SunGard system glitch causes havoc for BNY...
6398 views comments | 13 tweets | 12 linkedin
FIS opens Indian financial inclusion lab
6041 views comments | 14 tweets | 2 linkedin
Kenya's NIC Bank links to Twitter and What...
5795 views comments | 27 tweets | 15 linkedin
Wirecard bids for Worldpay - Bloomberg
5243 views comments | 10 tweets | 7 linkedin

Featured job

to $120K base, double OTE, benefits
New York City, NY or Boston, MA (USA)

Find your next job