THE SCOPE OF IDENTITY THEFT

The 2016 Identity Fraud Study, released by Javelin Strategy & Research, found that $15 billion was stolen from 13.1 million U.S. consumers in 2015, compared with $16 billion and 12.7 million victims a year earlier. In the past six years identity thieves have stolen $112 billion.

Following the introduction of microchip equipped credit cards in 2015 in the United States, which make the cards difficult to counterfeit, criminals focused on new account fraud. This type of fraud more than doubled and now accounts for 20 percent of all fraud losses. New account fraud occurs when a thief opens a credit card or other financial account using a victim’s name and other stolen personal information.

IDENTITY THEFT AND FRAUD COMPLAINTS

The Consumer Sentinel Network, maintained by the Federal Trade Commission (FTC), tracks consumer fraud and identity theft complaints that have been filed with federal, state and local law enforcement agencies and private organizations. Of the 3.1 million complaints received in 2015, 16 percent were related to identity theft.  Identity theft complaints increased by more than 47 percent from 2014, they were the second most reported after illegal debt collection. The FTC identifies 30 types of complaints. In 2015 debt collection complaints displaced identity theft in the top spot among complaint categories for the first time in 16 years, due in large part to a surge in complaints related to unwanted debt collection mobile phone calls.

Identity Theft And Fraud Complaints, 2012-2015 (1)

169_2017.gif

(1) Percentages are based on the total number of Consumer Sentinel Network complaints by calendar year. These figures exclude “Do Not Call” registry complaints.

Source: Federal Trade Commission, Consumer Sentinel Network.

View Archived Graphs

See also the Identity Theft section of our Web site Click Here

CYBERCRIME

As businesses increasingly depend on electronic data and computer networks to conduct their daily operations, growing pools of personal and financial information are being transferred and stored online. This can leave individuals exposed to privacy violations, and financial institutions and other businesses exposed to potentially enormous liability if and when a breach in data security occurs.

Interest in cyber insurance and risk continues to grow as a result of high-profile data breaches and awareness of the almost endless range of exposure businesses face. A 2016 data leak, called the Panama Papers in the media, exposed millions of documents from the electronic files of Panamanian law firm Mossack Fonseka. In 2015, two health insurers, Anthem and Premera Blue Cross, were breached, exposing the data of 79 million and 11 million customers, respectively. The U.S. government has also been the target of hackers. Recent breaches at the Federal Deposit Insurance Corp. and the Internal Revenue Service follow multiple breaches in May 2015 of the Office of Personnel Management and the Department of the Interior where the records of 22 million current and former U.S. government employees were compromised.

Cyberattacks and breaches have grown in frequency, and losses are on the rise. In 2014 the number of U.S. data breaches hit a record 783, with 85.6 million records exposed, not counting Yahoo’s 2014 breach, announced in September 2016, which affected over 500 million users and was suspected of being a state-sponsored attack. The number of breaches in 2015 was about the same at 781, but the number of records exposed doubled to about 169 million. The majority of the data breaches in 2015 affected medical/healthcare organizations (66.7 percent of total breaches) and government/military (20.2 percent), according to the Identity Theft Resource Center. These figures do not include the many attacks that go unreported. In addition, many attacks go undetected. Despite conflicting analyses, the costs associated with these losses are increasing. McAfee and the Center for Strategic and International Studies (CSIS) estimated the likely annual cost to the global economy from cybercrime is $445 billion a year, with a range of between $375 billion and $575 billion.

The costs of cybercrime are growing. An annual study of U.S. companies by the Ponemon Institute cites estimated average costs at $15 million in 2015, up 21 percent from $12.7 million in 2014. These costs ranged among the 58 organizations surveyed from a low of $1.9 million to a high of $65 each year per company. Cyber insurance evolved as a product in the United States in the mid- to late-1990s as insurers have had to expand coverage for a risk that is rapidly shifting in scope and nature. More than 60 carriers offer stand-alone policies in a market encompassing $2.75 billion in gross written premiums in 2015. By mid-2016 gross premiums written was estimated at $3.25 billion.

Number Of Data Breaches And Records Exposed, 2006-2016

167_2017.gif

(1) As of September 27, 2016.

Source: Identity Theft Resource Center.

View Archived Graphs

Cybercrime Complaints, 2011-2015 (1)

168_2017.gif

(1) Based on complaints submitted to the Internet Crime Complaint Center.

Source: Internet Crime Complaint Center.

View Archived Graphs

Source: Insurance Information Institute, “Identify Theft and Cybercrime” http://www.iii.org/ website. Accessed January 26, 2017. http://www.iii.org/fact-statistic/identity-theft-and-cybercrime

© Copyright 2017. All rights reserved. This content is strictly for informational purposes and although experts have prepared it, the reader should not substitute this information for professional insurance advice. If you have any questions, please consult your insurance professional before acting on any information presented. Read more.