Filed Under:Risk Management, Cybersecurity

6 factors impacting identity theft risks

The impact of identity theft continues to grow, but new tools are making it easier for companies to predict trends and identify risks earlier. (Photo: Shutterstock)
The impact of identity theft continues to grow, but new tools are making it easier for companies to predict trends and identify risks earlier. (Photo: Shutterstock)

The threats posed by cyber attacks and identity theft continue to grow as cyber criminals always seem to be on offense while consumers and insurers are on defense.

A study recently released by Javelin Strategy and Research found that cyber criminals stole more than $16 billion from over 15 million U.S. consumers last year.

A new risk assessment tool, the Identity Threat Assessment and Prediction (ITAP) model developed by the University of Texas at Austin Center for Identity, provides unique insights based on research into the behaviors and methods of identity threats, and aggregates the information to help risk managers assess dangers and vulnerabilities. The information in the ITAP database is collected from news stories and other sources, and the repository currently holds data from more than 5,000 incidents that occurred between 2000 and 2016. Researchers apply a number of analytical tools to this information in order to compare threats, and identify trends and losses.

As a result of their examination of the information, researchers have identified six key takeaways, as well as other data that help to paint a broader picture of the impact of identity theft on consumers and businesses. Here is a look at some of their findings.

Related: Cyber readiness: Are your clients prepared?  

woman typing on keyboard

(Photo: Shutterstock)

1. People make mistakes


The researchers found that human error is a major driver when it comes to identity theft and that hackers frequently exploit vulnerabilities created by mistakes people make. However, approximately 17 percent of the incidents where personally identifiable information (PII) was compromised were termed “non-malicious” or not instigated by hackers, but by individuals without malicious intent.

Related: Evolving cyber concerns create gaps in homeowners’ coverage

map of Tampa, Florida

(Photo: Shutterstock) 

2.  Impact is usually local


Despite the activities of hackers around the globe, the impact of identity theft where PII was compromised seems to be more localized to specific cities, counties, states and regions. The study found that over 99 percent of the cases were limited to either a local geographic area or a particular type of victim. Only 0.36 percent of the theft incidents actually involved the entire country like the Target or Home Depot breaches.

The states with the greatest number of cases of compromised PII were California, Texas, Florida, New York, Georgia, and Illinois according to the ITAP model.

Related: 5 trends and factors that continue to impact cybersecurity in 2017

man overwhelmed by cyber threat

(Photo: Shutterstock) 

3.  The cost is not always monetary


While there are very real financial costs associated with any type of data breach or loss of PII, a larger number of individuals who become victims suffered from emotional stress than those who had actual monetary losses. The University of Texas at Austin researchers found that the “emotional impact is consistently higher than other types of loss.”

The ITAP model identified four different types of loss and the percentages of loss experienced by victims:  Emotional distress (72 percent); financial (57 percent); property (56 percent) and reputation (41 percent).

Annual income of the victims doesn’t really seem to come into play either, although 73 percent of adults had their PII compromised as compared to 8 percent of teenagers and 21 percent of seniors.

Related: Not all data breaches are created equal

woman working on her laptop

(Photo: Shutterstock)

4. Insiders pose a serious threat


While unknown hackers or foreign countries perpetrate the majority of attacks (62 percent), the researchers found that one-third (34 percent) of the incidents involving compromised PII originated from company employees or family members of affected individuals.

Perpetrators utilize a number of resources to steal the information including computers, databases, computer networks, malware and stolen credit cards. ITAP also differentiates between the various perpetrators involved in identity crimes. Hackers tend to exploit digital or computer-based vulnerabilities, while fraudsters are usually involved in exploiting the information which has been stolen by the actual thieves.

Related: Accenture says one-third of corporate cyber attacks succeed

website address

(Photo: Shutterstock) 

5. Cybersecurity isn’t always the cause


More than 50 percent of the incidents involving identity theft, fraud or abuse identified by the ITAP did not originate from vulnerabilities that were exploited.

Financial losses were associated with particular attributes as part of the ITAP analysis. These were the top five identified: Magnetic stripe ($28.9 million); ATM pin ($24.2 million); fake identification card information ($15.1 million); financial information ($13.7 million) and age ($11.9 million).

Related: Hackers are targeting your smart devices

man on iPad looking at financial data

(Photo: Shutterstock

6. Identity crime affects all industries


Hackers are indiscriminate when it comes to choosing victims. The ITAP analysis found that a wide range of public and private sectors are impacted with the top five sectors identified as: consumer/citizen; healthcare and public health; government facilities, education and financial services.

The research effort was support by several organizations that focus on cyber protection: LifeLock, TransUnion, Safran, LexisNexis, HID, Generali Global Assistance, and Applied Fundamentals Consulting.

Related: Cyber crime: How architects, engineers and contractors may be at risk

Featured Video

Most Recent Videos

Video Library ››

Top Story

What bugs consumers about their insurance companies?

What most upsets consumer about their insurance companies? There may be different answers in different states, but now we know how consumers feel in one state in particular.

Top Story

9 P&C insurers on Forbes' 300 best midsize employers list for 2017

These 9 property & casualty insurance companies — with between 1,000 and 5,000 workers — were rated tops by their employees.

More Resources

Comments

eNewsletter Sign Up

PropertyCasualty360 Daily eNews

Get P&C insurance news to stay ahead of the competition in one concise format - FREE. Sign Up Now!

Mobile Phone

Advertisement. Closing in 15 seconds.