A study released Wednesday shows one in four consumers who receive a data breach letter become the victim of identity fraud. That statistic represented 12.6 million victims last year — one million more than the year before, according to the 2013 Identity Fraud Report released by Javelin Strategy & Research.

“This past year was one where there were both successes and setbacks for consumers, institutions and fraudsters,” said Jim Van Dyke, CEO of Javelin Strategy & Research, in a prepared statement. “Consumers and institutions are now starting to act as partners—detecting and stopping fraud faster than ever before. But fraudsters are acting quicker than ever before and victimizing more consumers. Consumers must take data breach notifications more seriously and maintain vigilance to safeguard personal information, especially Social Security numbers.”

Javelin researchers have conducted the annual study for 10 years, most recently by launching an address-based survey of 5,249 U.S. consumers. According to a news release, this is the nation’s longest-running study of ID fraud with 48,200 participants in the past decade. This latest survey was conducted with assistance from CitiGroup Inc., Intersections LLC and Visa Inc.

Among key findings:

–The amount stolen in 2012 increased to $21 billion, higher than the past three years but nothing compared to 2004’s $47 billion.

–Almost one in four consumers that received a letter letting them know their data had been compromised became a victim of identity fraud. “This underscores the need for consumers to take all notifications seriously. Not all breaches are created equal. The study found consumers who had their Social Security number compromised in a data breach were 5 times more likely to be a fraud victim than an average consumer.”

–Consumer information was misused for all types of fraud, such as credit cards, loans and mobile phone bills, for an average of 48 days in 2012, down from 55 days in 2011 and 95 days in 2010. “More than 50 percent of victims were actively detecting fraud using financial alerts, credit monitoring or identity protection services and by monitoring their account.”

–Some 15 percent of all fraud victims changed their online behavior and avoid smaller merchants, moreso than those that avoid gaming sites or larger e-commerce sites.

“While credit card numbers remain the most popular item revealed in a data breach, in reality other information can be more useful to fraudsters. Personal information such as online banking login, username and password were compromised in 10 percent of incidents and 16 percent of incidents included Social Security numbers,” the statement said.

“It’s not just online fraud or data breaches. More than 1.5 million consumers were victims of familiar fraud, which is fraud when victims know the fraudster. Lower income consumers were more likely to be victims of familiar fraud. The information most likely to be taken via familiar fraud includes name, Social Security number, address and checking account numbers.”

Categories: Data Breaches