The types of attacks that lead to medical identity theft are not unlike other types of identity theft: family member stole the credentials (36%), don't know the vector of the breach (17%), the breach was at a health care provider (14%), malicious employee at a health provider's office (10%), lost wallet (9%), mailed statement intercepted by criminal (8%), and phishing attack (6%).
Leuer believes that, unlike financial identity theft, medical identity theft is not on the top of peoples' minds. "When people lose their wallets, they'll think to replace their driver's license and they'll call their credit card companies but they won't think to report their health insurance card," she says. "Hopefully, we think, the increased mandatory reporting of health breaches will drive more needed awareness about medical ID theft," she says.
Earlier this month, the Federal Trade Commission released its annual consumer fraud report, and for 11 years straight identity theft topped the list of complaints with 9 million Americans falling victim every year.
When not hunting for his lost wallet, George V. Hulme writes about security and technology from his home in Minneapolis. You can also find him tweeting about those topics on Twitter @georgevhulme.