13 February 2016

Data breach hype is misleading consumers - study

14 September 2006  |  10364 views  |  0 Digital Abstarct

Despite the hype, data breaches were responsible for only six per cent of all known cases of ID fraud in both new and existing accounts over the past year, according to a US study by Javelin Strategy and Research.

But publicity surrounding recent high profile data breaches has created the wrong assumption among consumers that security breaches are the leading cause of ID fraud, says Javelin.

The research - which looks at the relationship between data breaches and actual occurrences of ID fraud - found that public notifications of breaches reached into the tens of millions last year, but identity fraud only increased four per cent.

The study found that the known leading causes of ID fraud were found to be lost or stolen wallets, cheque books and credit cards, which account for 30% of ID fraud. Other causes include data stolen by friends, acquaintances, relatives or corrupt employees.

Around a third (30%) of consumers were victims of a data breach during the 12-month Javelin study, but data breaches were responsible for only six per cent of all known cases of ID fraud in both new and existing accounts. Less than one per cent of those whose data was lost were actually victims of identity fraud.

"When you compare the public attention that data breaches receive to other causes of ID theft, consumers are being misdirected on how to set overall priorities for guarding against identity fraud," says James Van Dyke, president of Javelin Strategy and Research. "It is clear that there are other areas of exposure that carry a far greater overall risk. Consumers should be empowered with awareness of all the causes so they can take appropriate steps to prevent ID fraud."

Javelin argues that national legislation could saddle businesses with costly and unnecessary burdens and distract consumers with unnecessary advice. But the consultancy accepts that laws are needed to set uniform national standards for consumer notice of data breaches.

Earlier this year a US House Committee approved a new data security law that requires companies that store confidential personal information to notify customers of any security breach.

In July US regulators called for the introduction of new rules that will require all banks to develop an identity theft prevention programme for customers that includes "red flags" to signal a possible risk of ID theft.

Comments: (0)

Comment on this story (membership required)
Log in to receive notifications when someone posts a comment

Finextra news in your inbox

For Finextra's free daily newsletter, breaking news flashes and weekly jobs board, sign up now.

Related blogs

Create a blog about this story (membership required)

Related stories

11 September, 2006
25 August, 2006
18 August, 2006
13 June, 2006
02 June, 2006
31 March, 2006
10 March, 2006
07 March, 2006
24 February, 2006
16 February, 2006
19 September, 2005

Top topics

Most viewed Most shared
UK sets out open banking API frameworkUK sets out open banking API framework
16038 views comments | 102 tweets | 89 linkedin
Deutsche Bank calls for co-operation with fintech firms on B2B servicesDeutsche Bank calls for co-operation with...
8895 views comments | 29 tweets | 30 linkedin
How to accelerate your fintech startupHow to accelerate your fintech startup
8501 views comments | 35 tweets | 9 linkedin
Is Paym a failure?Is Paym a failure?
7094 views 16 comments | 23 tweets | 16 linkedin
Visa issues API to offer consumer control over card transactionsVisa issues API to offer consumer control...
6497 views comments | 17 tweets | 28 linkedin

Featured job

up to £95K base, £190K OTE, benefits
London, UK

Find your next job