IT | Security

25% of PCI Data Breaches Lead to Identity Theft

By: Absolute Editorial Team | 11/28/2013

A new study conducted by Javelin Research on behalf of Identity Finder has found that more than 25% of the 16 million victims of payment card information (PCI)-related data breaches in 2012 later suffered from identity theft. In absolute figures, that means that 4.4 million people suffered from identity theft as a result of their PCI being breached in the US.

According the the study, victims at the highest risk for identity fraud were those whose PCI and Social Security Number were breached.

Additional highlights from the study:

  • 4.4 million Americans were both notified that their PCI was compromised in a breach and suffered fraud on their existing credit or debit cards
  • 1.26 million Americans were both notified that their Social Security numbers (SSN) were compromised in a data breach and became victims of identity fraud
  • 270 thousand Americans were both notified that their online banking credentials were compromised in a data breach and suffered fraud on their financial accounts, including checking and savings accounts
  • 324 thousand Americans were both notified that their bank account numbers were compromised in a data breach and became victims of fraud incurred against their checking, savings, or other financial accounts
  • Retailers and financial institutions are the top targets for theft
  • The growing digitization of protected health information (PHI) holds the potential to make healthcare organizations more of a target for organized attacks

Identifying, classifying and securing data with appropriate measures and policies is key to mitigating the risks of data breaches, which continue to have crippling effects on victims and costly effects for organizations.

With more data moving to the endpoint, it's important to have a plan in place to protect it. To learn how we can help you manage and secure your IT endpoints, read here. Also get in touch with us about how our recent acquisition can provide you with data loss prevention technologies to complement our existing suite of services.