|
Researchers
Report on Data Breach Increases, Criminal Misuse of IDs Stolen by
Employees and Consumer Costs (cont'd)
Among the findings revealed in the Javelin
Report were the following:
·
The rise in ID fraud incidents was due to economic
misfortune. Historically, higher rates of fraud occur when the
economy worsens. ID fraud remains substantially lower overall when
compared to the 2004 level of $60 billion.
·
Cost to consumers is down. The cost to consumers
decreased to $496 per incident from $718 in 2005. The lower cost per
incident is attributable to faster detection of the fraud, lower
fraud amounts, quicker resolution times as a result of industry
efforts and consumer education.
·
Fraudsters are moving much more quickly. In cases
where ID fraud was reported, 71 percent of the fraud incidents began
occurring less than one week from when the data was stolen. This was
up from 33 percent in 2005. This means fraudsters are more
sophisticated in their attacks and an increasing number of
“attacks of opportunity” in which people or businesses leave
data exposed.
·
Gender disparity is real. Women were 26 percent more
likely to be victims of ID fraud than men in 2008. This could be
because women make more purchase in stores, and more women than men
experienced breaches last year. Women also are less likely to use
tools that help detect fraud more quickly, such as email or mobile
alerts.
·
Low-tech methods are still the most popular. Lost or
stolen wallets, checkbooks and credit and debit cards were still the
most likely avenues of fraudsters’ attacks. Of the incidents in
which the method of access was known, these avenues totaled 43
percent of all incidents.
The Javelin Report also provides safety tips
to consumers on how to protect themselves from these fraud events.
It also suggests that businesses work closely with consumers to find
fraud quickly and resolve issues effectively. If businesses want to
maintain consumer trust, they must remain vigilant in safeguarding
data and continue to educate consumers on how to protect themselves
and respond to incidents, according to Steve Cole of the council of
Better Business Bureaus.
Workplace
ID Thieves
ID
Analytics, Inc. released the results of its groundbreaking internal
data theft study a few months ago. The report provides an
unprecedented analysis of the criminal behavior patterns associated
with the misuse of identities stolen from the workplace by
employees. The study’s findings also provide a better
understanding of the harm resulting from an internal vs. external
data breach.
Organizations
routinely invest significant resources to ensure the confidentiality
of customer and employee information. However, intentional data
theft and unintentional data loss by authorized employees continue
to be the most common sources of data breaches. To date little has
been done to study and understand how stolen data is exploited once
it leaves an organization.
The
ID Analytics study, Analysis of Internal Data Theft, sought to
expose how, where and when employees misuse data stolen from the
workplace. The research examined more than a dozen incidents of
internal data theft involving more than five million identities from
consumer and employee files across organizations in the government,
education, and commercial sectors. Of these, eight incidents
ultimately led to more than 1,300 cases of attempted fraud targeting
bank card, retail card, and wireless providers.
Key
findings from the study include:
·
Organized
misuse ranged from three percent (data leak caused by mishandling
data) to 36 percent (targeted employee data theft of the identities
stolen).
·
The
identities associated with these internal incidents were up to 24
times more likely to be misused than the average
U.S.
consumer identity.
|
