MADISON, Wis. (3/10/11)--Concerned about media reports of a recent study that said identity fraud had dropped in 2010, CUNA Mutual Group's risk managers are warning that the finding goes against their experience. Their message: Don't let your guard down on ID fraud. The Identity Theft Resource Center's (ITRC) 2010 Data Breach Stats indicate that ID theft is alive and well. During the year, 662 breaches compromised records of nearly 16.2 million potential victims. (ITRC defines "breach" as an event in which an individual's name plus Social Security number, driver's license number, medical record, or a financial record/credit/debit card is potentially put at risk, either in electronic or paper format.) Of those, financial institutions accounted for 54 breaches, or 8.2%, and nearly 4.9 million records compromised. That is 30% of all records compromised, the second highest percentage of potential victims in the five institutional categories studied. Eight credit unions--about 6.75% of financial institutions breached--experienced data breaches. The number of records exposed to fraud at the credit unions is unknown, said ITRC's report. Credit unions are also vulnerable through data breaches of other groups, some of them within select employee groups or doing business with credit union members' accounts. Total breaches, broken down by category of institution breach:
* Businesses accounted for 279 (or 42.1%) of the year's breaches, which affected more than 6.6 million records (41% of total records compromised). * Educational organizations--colleges, universities and public school systems--experienced 65 or 9.8% of breaches, compromising nearly 1.6 million or 9.9% of records. * Government/military institutions totaled 104 breaches (15.7%) with more than 1.2 million records (7.5%) compromised. * Medical/healthcare breaches totaled 160 or 24.2% and accounted for nearly 1.9 million (11.6%) of records.
CUNA Mutual took issue with another study, by Javelin, which reported last month that the number of ID fraud instances reported had decreased, although these thefts were costing consumers more. "ID theft is still a serious consumer issue with global fraud implications regardless of where the breach occurs, which is why reporting exposure in conjunction with actual thefts makes more sense to me," said Brad Mundine, senior manager, risk management at CUNA Mutual. "We should all take caution in interpreting the results and conclusions of any single survey. While a sample of telephone respondents may have reported
a significant drop in ID thefts, millions of other American consumers might tell a slightly different story." In the ITRC survey, the four largest breaches involved Educational Credit Management Corp., with 3.3 million records compromised; JPMorganChase-Circuit City, with 2.6 million records; and AV Medical Health Plans and Lincoln National Financial Securities, with 1.2 million records each. Growth in the international nature of ID theft is a top concern in 2011, warns ITRC. "Victims may very well find credit/debit card charges emanating from global transactions in Europe, Africa and Asia." With the depth of identity theft, credit unions will continue to be challenged with providing solutions to protect their members, said Mundine and Ken Otsuka, senior consultant, risk management at CUNA Mutual. Another survey, Kroll Fraud Solutions' 2010 Global Fraud Survey, reported that information theft is now the most common form of fraud, with 27% of companies reporting incidents in the past year. Information theft surpassed the theft of physical property for the first time in the four-year history of the Kroll survey. "While credit unions have taken commendable measures and made progress to protect member information, identity theft remains a significant threat and should not be taken off their radar in 2011," said Mundine and Otsuka. "The techniques used by criminals today are constantly evolving," they said. "Identity theft is a major source of financing for organized crime rings, both domestically and abroad. Data theft scams can be deployed through a variety of channels including the installation of malicious malware, phishing, spoofing, skimming and database hacking, all of which are designed to compromise the repositories of consumer data," they said. "ID theft remains a significant problem that isn't going away anytime soon," said Phil Tschudy, CUNA Mutual manager of media relations. "And we recommend credit unions and their members remain vigilant over the threats this criminal act causes."