WASHINGTON — Identity theft is an even greater problem than initially thought by federal officials, but Internet sites that collect personal information are not a significant contributing factor, according to a new report released Wednesday by the Federal Trade Commission (FTC).
In what Howard Beales, director of the FTC’s Bureau of Consumer Protection, calls the “definitive study at the moment,” the agency’s survey shows that 27.3 million Americans have been victims of identity theft in the last five years, including 9.9 million people in the last year alone.
According to the survey, last year’s identity theft losses to businesses and financial institutions totaled nearly $48 billion and consumer victims reported $5 billion in out-of-pocket expenses.
“These numbers are the real thing,” said Beales. “For several years we have been seeing anecdotal evidence that identity theft is a significant problem that is on the rise. Now we know. It is affecting millions of consumers and costing billions of dollars. This information can serve to galvanize federal, state, and local law enforcers, the business community, and consumers to work together to combat this menace.”
Sixty-seven percent of identity theft victims — more than 6.5 million victims in the last year — report that existing credit card accounts were misused and 19 percent reported that checking or savings accounts were misused. The survey also found in the past 12 months that 3.23 million consumers discovered that new accounts had been opened, and other frauds such as renting an apartment or home, obtaining medical care or employment, had been committed in their name.
In those cases, the loss to businesses and financial institutions was $10,200 per victim. Individual victims lost an average of $1,180. Where the thieves solely used a victim’s established accounts, the loss to businesses was $2,100 per victim. For all forms of identity theft, the loss to business was $4,800 and the loss to consumers was $500, on average.
The Internet, however, was not being blamed.
“We don’t know of any particular problem with Web sites that use SSL encryption to protect records,” Beale said.
According to the survey results, 52 percent of all ID theft victims, approximately 5 million people in the last year, discovered that they were victims of identity theft by monitoring their accounts. Another 26 percent, approximately 2.5 million people, reported that they were alerted to suspicious account activity by companies such as credit card issuers or banks. Another 88 percent reported that they first learned when they applied for credit and were turned down.
While most identity thieves use consumer personal information to make purchases, the survey reports that 15 percent of all victims — almost 1.5 million people in the last year — reported that their personal information was misused in non-financial ways, to obtain government documents, for example, or on tax forms. The most common non-financial misuse took place when the thief used the victim’s name and identifying information when stopped by law enforcement or caught committing a crime.
The survey also shows that 51 percent of the victims, approximately 5 million victims, say they know how their personal information was obtained. Nearly one-quarter of all victims said their information was lost or stolen, including lost or stolen credit cards, checkbooks or social security cards. Stolen mail was the source of information for identity thieves in four percent of all victims.