Exploring Identity Theft Statistics in the Age of Data Breaches

DataProt is supported by its audience. When you buy through links on our site, we may earn a commission. This, however, does not influence the evaluations in our reviews. Learn More.

The internet has created a culture of oversharing. Social media, online shopping, and similar online services have made us reckless with how much personal information we make public. 

Companies leaking massive amounts of personally identifiable information (PII) in large-scale data breaches have caused significant problems, as identity theft statistics show. The deep web black market for stolen data is thriving. For next to nothing, you can buy Social Security numbers, names, bank accounts, and other sensitive info. 

The following article contains a foreign roundup of identity theft facts and statistics from various government and independent sources.

Shocking Identity Theft Statistics

  • Victims spend over six months and 200 hours trying to recover their identities.
  • There was over a 1.1 million increase in reports of identity theft In 2022 over the past year.
  • New account fraud cost American consumers more than 30% higher than in 2021.
  • Consumers worldwide lost $8.8 billion to identity theft in 2022.
  • In 2022, there were 5.7 million reports of fraud and identity theft.
  • Georgians report the most significant number of identity theft cases, while people in Vermont have the fewest.
  • About 1 out of 3 Americans have become victims of identity fraud.
  • The average loss of victims to identity theft is $500.
  • The average age of identity fraud victims is 30 to 39 years.

Identity Theft Definition

Identity theft is the misuse of personally identifiable information. It usually includes at least one of these three incidents:

  • Misuse of an existing financial account, also known as account takeover (ATO)
  • Opening a new financial report with the victim’s credentials
  • Use stolen information for other non-financial purposes, such as Social Security identity theft.

The Number of Identity Theft Cases

Carefully outlined below are the number of reported identity theft cases and the victims showing that if not looked into, identity theft will skyrocket in years to come.

1. In 2022, there were 5.7 million reports of fraud and identity theft.

(Identity Theft.org) 

The overall number of victims is still on the rise, however. In 2021, there were 4.7 million victims of identity theft, which increased to 5.7 million in 2022, a 1.1 million increase over the past year.

2. 33.3% of consumers worldwide have made online purchases. 


The number of consumers that buy products online has increased to 2.64 billion, making up 33.3% of the world population. This is one of the main reasons identity theft numbers are in the millions. Sharing payment information is the precursor to most identity theft incidents.

3. 86% of consumers worldwide have been victims of online identity theft.

(Global Newswire)  

According to statistics, the victims of online identity theft sprung from online shopping consumers after purchasing an item. However, 51% of consumers were targeted through phishing emails. 

This entails that online users should be wary of their personal information when shopping or purchasing, ensuring their data is safe from identity thieves. 

4. About 1 out of 3 people fell prey to fraudsters.


Around 1 in 3 Americans fell prey to identity theft, proving the prevalence of fraud with no end in sight. Decreasing identity theft is linked to increased EMV credit card use. 

Contactless cards make it difficult to make duplicate counterfeits, which is the easiest way for fraudsters to use stolen information. However, the statistics of identity theft show a rise in new account and account takeover fraud.

5. About 22% of U.S. adults have suffered an account takeover (ATO).


When a fraudster hijacks an already existing account, that’s called an account takeover (ATO). According to statistics, 22% of U.S. adults have fallen victim to account takeover, with an average loss of around $12,000 per case. 

What Kinds of Information Get Stolen?

Ever thought of what kind of information these hackers look out for? Below are a detailed explanation along with the recent statistical figures. 

6. In 2021, loyalty and reward-point fraud rose by 80% compared to the previous year.


Peddling frequent flyer miles, gift cards, and hotel arrangements is a rising trend on the dark web. According to a recent study, loyalty program fraud increased nearly 80% yearly in 2021. 

People tend to check the loyalty points they’ve accumulated only when they want to use them. That makes them a perfect target for fraudsters who sell them on the dark web for a fraction of their face value. The information is usually harvested via phishing campaigns.

7. Medical identity theft statistics show that around 65% of victims must pay more than $13,000 to recover from having their medical identity compromised.


In a country that charges obscene amounts for even the simplest of medical procedures, medical identity theft is a crime that is bound to thrive.

Fraudsters use stolen Social Security numbers to access medical services and prescriptions in the victim’s name. Insurance companies don’t inform the victims, so they usually become aware of cybercrime through a suspicious report explaining the benefits.

The EoB is a document insurance companies send to their clients to inform them of services paid in their name. These can arrive at the victim’s doorstep three or more months after their name has been used.

Medical identity theft rates vary enormously according to location, with Florida residents the most likely to be targeted. The state’s elderly population may be the cause of that.

The Cost of Identity Theft 

The financial, emotional, and psychological cost of losing one’s identity can‘t be fully explained or understood by onlookers. It is better understood when you become a victim. 

Read on to find out the cost of identity theft and its impacts. 

8. 26% of identity theft victims are repeat victims. 


The Identity Theft Resource Center stated that victims of identity theft could also be attacked by identity theft again. Most of these victims lost more money in the second attack than in the first, causing significant psychological and emotional distress.

9. 32% of victims endure financial loss due to identity theft.


Identity theft not only causes problems with personal information and identity, but this also includes financial losses. According to statistics, 100% of the victims of fraud-related identity theft were contacted by debt collection agencies for fraudulent loans.

Insurance or credit card companies help with the immediate loss of funds most of the time. However, a consumers’ accounts are compromised, most victims cannot get their credit or money back or have their accounts secured to avoid being repeat victims.

10. New account fraud cost consumers $8.8 billion in 2022.


Fraudsters use stolen information to create new bank accounts and apply for loans, mortgages, credit cards, and other financial services. Federal Trade Commission data shows that consumers lost $8.8 billion to fraud in 2022, an increase of more than 30% in 2021.

11. Fraudulent transactions will reach $40.62 billion in 2027.

(EFT Sure) 

The cost of identity theft is increasing as criminals get their hands on increasingly sensitive data. According to estimations by financial analysts, fraudulent transactions reached  $40.62 billion in 2027 and $49 billion by 2030.

12. Victims spend over six months and 200 hours trying to recover their identities.

(Allstate Identity Protection)

A quarter of victims spend upwards of six months battling the credit unions, while 23% are still doing so after a full year. Recovering one’s identity can take days, weeks, and months because identity thefts differ; resolving them takes a unique process and technique.

13. A stolen identity – consisting of a name, Social Security number, and date of birth – can be sold for as little as $60-$80 on the dark web.


The demand is high for personal information, so you can only imagine what the supply is given the prices are so low. A complete fake identity – with name, address, phone, SSN, and email – costs as little as $60 to $80.

14. Victims of identity theft often suffer damaged relationships with friends and family; 36% of victims report they get into arguments with family members more often, and 55% feel they can’t trust their friends anymore.

(ITRC Aftermath report)

Having your identity stolen is an ordeal. Your bank account and credit score ratings are far from the only things that suffer. A traumatic event like this can also affect your relationship with family and friends.

In an ITRC survey of identity theft victims, 45% of respondents said they didn’t get enough support from their family, while 65% said the same about their friends.

How Does Identity Theft Happen?

This is a question that most people ask, and here are some answers to them.

15. The most significant enablers of identity theft are companies that leak sensitive information. There were a total of 1,802 data breaches in 2022.


The number of breaches skyrocketed by 126%, containing compromised records with personally identifiable information (PII). These are conservative estimates, with breaches without a determinable record count omitted.

The precursor to a large number of identity theft cases is data breaches. The ITRC classifies data breaches into the following categories:

  • Social Security number
  • Driver’s license number
  • Medical records
  • Financial records (credit/debit card information)
  • User names, emails, passwords, and other authentication data are not linked to the victim’s identity.

16. The average time for a fraudulent new account to be discovered is 30 days.


Many funds can be embezzled – sometimes with irreparable loss of face to the victim – in two months. Keep tabs on your bank accounts; you don’t want to wake up one morning, check your balance, scream, “Someone stole my identity!” and then realize you’re three months late.

Being vigilant is the cornerstone of having good protection against identity fraud. 

Victims of Identity Theft Statistics 

The victims of identity theft can be individuals, business owners, or organizations, and each party’s cost may vary. Identity theft statistics can’t be complete without mentioning the victims of this horrendous crime.

Find out more about victims of identity theft statistics below.

17. 74% say security is their top priority when dealing with funds online, but 72% say they would gladly provide more personal information if it meant they could enjoy a less-complicated payment procedure.


The more information the consumer provides, the smoother the transaction becomes. At the same time, the probability of that information getting misused also rises. Consumers would like the best of both worlds, which is currently simply impossible, judging by the latest identity theft statistics from 2023.

18. Physical biometrics instill the most powerful sense of security, with 74% saying they feel more confident in businesses that use them.


Passwords, CAPTCHA codes, and biometrics are called “friction-inducing” authentication procedures. They slow down the process and create a barrier meant to thwart criminals. Having to input a fingerprint has the most significant impact on the consumer’s perception of safety.

However, advanced types of identity authentication are never seen by the user. According to ID theft stats, data aggregation, behavioral biometrics, and passive device information can yield much better results than friction-inducing measures, which consumers have grown to expect.

19. 44% of consumers said they trust online banking and insurance service providers “completely” or “a lot.”


The smallest number of respondents said they trusted social media sites and apps: only 24%. The same percentage said they “do not trust social media sites/apps” at all, identity fraud statistics show.

20. 20% of companies worldwide are starting to comply with the GDPR in handling private consumer information.

(Super Office)

In 2018, the Cambridge Analytica scandal uncovered significant misuse of personal information by several apps on Facebook. Shortly afterward, the EU imposed a set of rules on big data companies called the General Data Protection Regulation (GDPR).

This set of rules was meant to increase transparency in how sensitive data is handled, which is one of the critical features of a safe and fair relationship between businesses and consumers. Consumers have more control over what they share, which makes it less likely that they get their identity compromised.

Now, companies all over the world are complying with the GDPR.

21. The U.S. proposed funding of $400 million for identity theft victims in 2023.

(The White House)

The U.S. government understood the risks and effects of identity theft on its victims. President Biden proposed a $400 million fund to aid identity theft victims in the recent funding brief. The funding will also help in creating features to prevent identity theft, such as:

  • Create an early warning system for identity theft
  • Provide help and recovery to victims
  • Offer grants and additional services to victims.

22. 46% of identity theft victims say they’re dissatisfied with how financial institutions and credit unions handle their cases.

(ITRC Aftermath report)

Victims must undergo interrogations, questionnaires, forms, and other bureaucratic torture to recover their identities. This accounts for a massive part of the trauma involved in identity theft. 

Imagine retelling the same humiliating and traumatic story to a never-ending line of disinterested interrogators, knowing that your identity thief will probably go unpunished.

The list of institutions that victims need to engage with includes but is not limited to

  • Credit issuers,
  • Credit reporting agencies,
  • Local law enforcement, and
  • Federal trade commission.

The reported dissatisfaction with each institution was similar across the board: around 42%. Credit issuers received the worst rating.

23. Over 1 in 10 identity theft victims don’t report the crime to the police.


According to identity fraud statistics published by the Bureau of Justice, most victims don’t contact the police. Sixty-eight percent handle it another way, such as reporting the crime to the credit union or bank. Even more worryingly, around 10% of victims think the police can’t help.

Identity Theft Victim Demographics

Identity theft has no age bracket, as the victims can be children, teenagers, and adults. Let’s see the current stats on identity theft victim demographics for 2023.

24. There are at least 10 states in the U.S. vulnerable to identity theft.

(Business Insider)

Identity fraud was most prevalent in Georgia, with 574 cases per 100,000 citizens. Vermont was the safest, with 90 identity theft cases per 100,000 people.

25. Females account for a slightly larger percentage (52%) of identity theft victims than males (47%).

(Money Transfers)

According to identity theft statistics, this difference is because women are slightly more likely to misuse their bank accounts, while credit card fraud is mostly the same across genders.

26. The average age of identity fraud victims is 30 to 39.


Most identity theft reported to the FTC in 2022 is from people aged 30 to 39, reporting about 286,890 cases of identity theft, while people aged 40 to 49 reported about 212,729 cases.

The majority of identity theft reports are in these three age groups:

  • 30 to 39 years old (30%)
  • 40 to 49 years old (22%)
  • 20 to 29 years old (18%)

27. White people have the most significant risk of becoming identity fraud victims at 71.44%.


White consumers are more likely to be victims of identity fraud than race. Identity thieves target Whites more due to a perceived notion of affluence. However, other races are also victims of identity theft:

  • Hispanic – 11.73%
  • Black – 9.0%
  • Asian – 5.15%
  • Other – 2.63%

28. More than 1.3 million children’s records are stolen each year.

(Exploding Topics)

Minors are usually the targets of “synthetic identities,” whereby fictitious identities are created using bits and pieces of disparate information. 

The fact that children’s Social Security numbers don’t have existing credit reports means they’re a clean slate, which gives them a lot of value to fraudsters. Inflicted damage is rarely discovered until it’s too late. Two-thirds of children who were compromised were under seven years old.

Avoiding Identity Theft

Despite identity theft statistics, you can practice ways to prevent this. Some general tips on reducing the probability of identity theft include;

29. Protect your data.

  • Be wary of who you share your social security number with.
  • Use a single credit card to make online purchases.
  • Don’t give payment information to third parties like cell phone providers – make the payments yourself. 

30. Keep good password hygiene.

  • Using the same password across multiple accounts is an obvious mistake many people make. If a criminal learns your password for one account, they will most likely try it elsewhere.
  • Use complex passwords – the most common password in 2017 was “123456789”, followed by “qwerty.”
  • Use password-manager software.
  • Use two-factor authentication wherever possible.

31. Keep your devices updated.

  • Be meticulous about updating your operating system.
  • Protect your devices with passwords.
  • If you’re not the only one using your device, turn off the automatic login feature. Social media identity theft is already familiar enough without you giving criminals an extra advantage.

32. Be wary of using public Wi-Fi. Always use a VPN when connecting to one.

33. Monitor accounts.

  • Keep a close eye on transactions being made in your name. The sooner you discover that someone has stolen your identity, the easier it will be to manage.

Who to Contact if You Think Your Identity Has Been Compromised?

If you suspect you are a victim of identity theft, you can report this to the authorities and local police or file a complaint online. 

You can file a report to the Federal Trade Commission or contact them at 1-877-438-4338. Alternatively, you can contact Equifax. Their identity theft hotline is 800-525-6285.

Suppose your e-filed tax return gets rejected because of a reported duplicate SSN. In that case, you should fill out Form 14039 – and the identity theft affidavit – which you can find at this link. The IRS identity fraud assistance department will guide you through you the process.

What to Keep an Eye on to Protect Yourself Against Identity Theft Concerning Tax Reports

Check the IRS identity theft guidelines and look out for the following warning signs:

  • The IRS contacts you about returns you didn’t file.
  • When you file your return, the electronic tax system warns you of a duplicate Social Security number.
  • You receive tax transcripts you did not ask for.
  • You are notified that a new IRS online account has been created in your name.
  • The IRS contacts you about tax-related issues for a year when you didn’t file a tax return.
  • The IRS alerts you of receiving wages or other income from an employer with whom you have not done business.


Identity theft can happen to anyone, and it is essential to take the indicated steps to prevent becoming a victim. It causes financial, emotional, and reputation loss to the victim, even if they have not done anything wrong, and as such, is a criminal offense. 

Therefore identity theft being a crime like any other, should be handled as such and dealt with, plus measures put in place to deal with them soon.


What is the difference between aggravated identity theft and identity theft?

Aggravated identity theft includes committing a crime with stolen information. Identity theft is just stealing information.

Aggravated identity theft prison sentences vary depending on the weight of the crime. If an act of terrorism is committed using another person’s identity, another five years is added to the sentence.

What is the most common form of identity theft?

Financial identity theft (Credit card fraud) is the most common form of identity theft.

According to the Federal Trade Commission, the number of thieves who created a new account from stolen information rose by 24% in 2018. This rising trend is likely due to EMV technology making it more challenging to reproduce already-existing cards.

What are the types of identity theft?

  • Credit card fraud
  • Employment or tax-related fraud
  • Phone or utility fraud 
  • Bank fraud
  • Loan or lease fraud
  • Government documents or benefits fraud
  • Other identity theft
  • Medical services
  • Online shopping or payment account
  • Email or social media
  • Evading the law
  • Insurance
  • Securities accounts

This is the classification in the Federal Trade Commission’s Consumer Sentinel data book from 2019.

What is the easiest way for identity theft criminals to get your personal information?

Purchasing breached data on the dark web.

Unfortunately, data breaches are totally out of your control. You’re at risk if you’ve ever left your payment information while paying for something, online or offline.

In 2018, the Marriott hotel chain discovered a data breach that had lasted for four years, during which 500 million visitor records containing payment information, lodging logs, and passport numbers were breached.

Can a passport number be used for identity theft?

A passport number alone can’t do much harm. However, if identity thieves have additional information, they can use the combination of data to construct an authentic-looking forgery.

Identity theft statistics show that the most significant breach of passport numbers happened in 2018 when the Marriott hotel chain reported over 380 million customers leaked records.

Leave a Comment

Scroll to Top