February 08, 2011, 4:51 PM — Identity theft related to credit and debit cards dropped by 28% in 2010 over 2009--but the out-of-pocket cost to victimized consumers rose by 68%.
The "2011 Identity Fraud Survey Report," from Javelin Strategy & Research, is based on a survey of 5,004 adults, and concludes there was a steep drop in the number of identity fraud victims, mainly due to a drop in fraud associated with existing payment cards. Payment-card fraud dominates but the report also includes checking-account fraud and other non-card fraud.
The study indicates that the number of identity theft victims fell about 3 million in 2010 over 2009. The report says total dollar amounts dropped by 34% from $56 billion in 2009 to $37 billion last year. The mean fraud amount per victim dropped from $4,991 in 2009 to $4,607 last year.
Last year there was a year-over-year rise in the mean out-of-pocket cost to those who did suffer payment-card-related fraud, from $335 in 2009 to $565 last year. Resolution of an identity fraud problem increased from 21 hours to 26 hours in 2010. Credit-card only victims are said to be 57% of the existing card totals examined in 2010, down from 65% in 2009, "while the number of debit-only fraud victims grew to 36% in 2010, up from 26% the previous year."
The report defines consumer costs as any unreimbursed monetary losses and lost wages, legal or credit-monitoring costs related to resolving the fraud.
The rise in consumer costs is believed to be due to a rise in new accounts fraud, where a criminal steals identity information and opens a new payment-card account.
"New account fraud not only is harder to detect and resolve but creates fraud victims who are more negatively impacted by identity fraud," the report states. The study went onto state 14% of U.S. fraud victims in 2010 reported their personal information stolen by a family member, friend, co-worker or other person they knew -- with the mean fraud amount significantly higher at $8,233.
Not surprisingly, those who were notified about a data breach were more likely to suffer identity theft. In 2010, there were 407 publicly reported incidents of a data breach at U.S. firms, for a total of 26 million exposed records. This was dramatically down in comparison to 2009 when there were 607 instances and 221 million known records exposed.