I wanted to take a few minutes to talk about identity thieves themselves. This may not be as important as knowing the 7 types of identity theft , or how to protect yourself from identity theft, but for those who have been a victim having an idea who commits identity theft will generally give you an idea of the work ahead.
Identity thieves generally fall into three different categories. Each category has specific characteristics or signs, and you must guard against them differently. Since each category affects different types of victims, the number of victims a specific identity thief will harm varies.
Organized Identity Theft
Whenever you read about a data breach that compromises tens or hundreds of thousands of records, you have good cause to be alarmed if that particular company or organization has your information. Identity thieves who go after this many records plan on wholesaling the information they collect. Since there are so many records, there is no telling when you will actually become a victim of identity theft, or even if you will. (The standard response for a company that has had a data breach is to offer credit monitoring for a year to the victims, usually picking up the tab, but it’s easy to see that this response is a completely inadequate solution.)
It’s also good to know that not every major data breach indicates the work of organized identity thieves. A stolen laptop is the perfect example. More often than not, a stolen laptop represents a simple theft of goods as opposed to someone looking for information to commit identity theft. The fact that the laptop has personal information on it is often incidental. Most victims of a data breach focus on this fact, and recklessly shrug off the idea that they may become a victim of identity theft.
It doesn’t make any difference, however, when it comes to most breach notification laws. Simply losing the information triggers the notification requirements.
Identity Theft Rings
Not all organized identity theft is associated with data breaches. Identity theft rings may pull together several individuals to collect very usable information. For example, there may be mailbox snoopers, card skimmers at restaurants, and Dumpster divers working to get information to a couple of individuals.
While data breach victims may not become identity theft victims for years, (or ever,) victims of identity theft rings have a great probability of becoming identity theft victims very quickly, because there is already a market for the information.
These identity thieves will often use the information they collect for financial identity theft, but there is a much greater risk of social security fraud and criminal identity theft, largely due to illegal immigration. The victims of data breaches involving medical and insurance organizations have the highest risk of medical identity theft.
You cannot prevent organized identity theft, because you cannot control your information if it is given to a company. Although there are identity theft protection laws such as FACTA and HIPAA, businesses have been slow to comply with these laws. Our judicial system has taken the teeth out of these laws through various decisions, such as the Supreme Court decision that an illegal immigrant has committed no crime if they did not know the social security number they used belonged to an American citizen. In fact, there have been a few suits brought against companies for data breaches, but these have been dismissed either because the plaintiff had not become a victim of identity theft yet, or could not prove the identity theft was a result of the data breach.
This is probably the biggest reason to have an identity protection program. There are so many factors out of your control, and nobody is being held accountable for losing your information despite various laws.
Your guide recommends looking into some sort of identity theft protection program. But even with that, count on an uphill battle when you become a victim.