A Javelin Strategy and Research study finds data breach the cause of only 6% of identity fraud. Online hackers, spyware, phishing and online transactions account for even less. About 30% stemmed from lost of stolen credit cards, wallets or checkbooks.
Despite publicity garnered by security breaches-including those that happen online-d data breaches are at the root of only 6% of reported identity theft online, according to a study by Javelin Strategy and Research. Data breaches in the study are broadly defined as lists of names and other attached information that pass from a repository for which they have been legitimately gathered unauthorized into the hands of others.
According to the survey, 5% of reported identity theft stems from computer viruses, spyware or hackers. Phishing is at the root of 3% of cases of reported identity theft. Online transactions are the cause of a very small percentage of reported cases-0.3%. The percentage breakdowns were based on the 47% of identity fraud victims surveyed who knew how their information had been fraudulently obtained.
Consumers` risk of identity fraud from sources other than data breach or Internet-related actions is much greater, Javelin’s study determined. About 30% of reported cases of identity theft stemmed from lost of stolen credit cards, wallets or checkbooks. Identity theft perpetrated by friends, acquaintances, relatives or in-home employees was responsible for an estimated 15% of identity fraud, as was identity theft from a corrupt business employee.
According to the survey report, given the relatively low incidence of data breach as the cause of identity fraud, “Strict automatic data breach notification laws regardless of risk to the victim will saddle businesses with costly and unwarranted requirements while providing little protective value to consumers.” The report concludes that focusing on other areas of exposure for consumers could have a greater payoff in risk reduction.