Better ID Theft Statistics: 3% of US households in first half 2004
The 2004 National Criminal Victimization Survey [link to http://www.ojp.usdoj.gov/bjs/cvictgen.htm no longer works] includes ID theft data [link to http://www.ojp.usdoj.gov/bjs/abstract/it04.htm no longer works], for the first time. From a CSOOnline blog post, “DOJ Study: ID Theft Hit 3.6M In US:”
About 3 percent of all households in the U.S., totaling an estimated 3.6 million families, were hit by some sort of ID theft during the first six months of 2004, according to DOJ data set to be released Sunday.
The data comes from the Justice Department’s National Crime Victimization Survey, which interviews members of 42,000 households across the country every six months to better understand the nature, frequency and consequences of crime. Households that participate in the survey are selected at random and then interviewed by DOJ statisticians twice a year for three years.
In comparison, there were two robberies per 1,000 people. It’s not fair to say that you’re thus about 5 times as likely to be victimized by ID theft, because its households versus people, and you can’t just divide by 2.6 or the current average size of household.
I won’t get a chance to read in depth until later, but first blush, I’m very glad to see data in the same format and methodology as other crime data. As I wrote a few days ago in “Security Flaws and The Public Conciousness:”
Getting good statistics about what goes wrong requires a stream of stories about what’s going wrong. Without that knowledge, its hard to make good decisions. Imagine a world without crime statistics, or mortality statistics.
I was talking about the breach end of things, but the exploitation end is no less important.
Photo, illustrating typically effective defenses, from Stockxpert [link to http://www.stockxpert.com/browse.phtml?f=view&id=8608 no longer works].
It still pisses me off that half of “identity thefts” are fraudulent credit card use. Burying this older crime category with newer (or more prevalent) crime categories seems to me to exagerate the problem (which is plenty bad).
The overwhelming majority of “ID theft” cases are not technology crimes; as Scott mentions, a significant number are simple credit card theft, and more still are cases where family members stole PINs, cards, mail, or logins.