An identity breach is an identity-based impersonation attack in which a hacker exploits vulnerabilities to obtain PII (personally identifiable information), contact information, credit card numbers, and important credentials like passwords and usernames to commit identity theft, identity fraud, or other cybercrimes without the victim’s knowledge.
Using stolen information from a data breach, cybercriminals may attempt to steal classified information or money from the victim. Identity theft victims often do not know they have been compromised until after an identity breach has occurred.
A 2022 report by ForgeRock reported that in 2021, over two billion records with users’ credentials were compromised, which is more than a third of the total breaches since 2020. According to the FTC, victims of identity fraud lost $5.9 billion in 2021 alone.
This article will examine what an identity breach is and how it can significantly impact the lives of both individuals and businesses.
Identity Breach vs. Identity Theft vs. Identity Fraud
Although often used synonymously, these three terms have slightly differing meanings. Here are the main differences between each concept:
Identity Breach - Identity breach is a broad term that refers to the unauthorized access of personally identifiable information (PII) or sensitive data through criminal means. An identity breach can occur through malware attacks, ransomware, personal account hacking, password-cracking software, or social engineering methods like phishing attacks.
Identity Theft - Identity theft occurs when a bad actor successfully steals a person’s PII without their knowledge with the intent to commit crimes, often for financial gains. Hackers may also use the stolen PII to exploit other accounts and identities that are linked to the victim to gather more critical data or compromise other victims.
Identity Fraud - Identity fraud is the unauthorized use of a victims’ information to falsely impersonate them for criminal or financial gain. Once the fraudster accesses the victim’s information, they can:
- Make false health insurance claims
- Transfer or wire money to their accounts
- File false tax returns or commit tax fraud
- Open up new bank accounts and take out loans
7 Most Common Types of Identity Breaches
Here are the seven most common types of identity theft and breaches:
1. Financial Identity Breach
A financial identity breach is when an individual’s personal information is used for criminal financial gain. With the stolen info, the hacker may make bank withdrawals, open up new accounts, or commit tax fraud to claim a tax refund.
Financial information that can be stolen includes:
- Social security numbers
- Banking account numbers
- Credit card information
Potential victims may notice initial warning signs of financial theft if they notice any sudden changes to their credit scores or large withdrawals from their bank accounts. Everyone should use free credit monitoring services at least once a month to ensure no suspicious activity has occurred.
2. Criminal Identity Breach
Criminal identity breaches are when a criminal uses stolen personal info to commit crimes in the target’s name. The criminal uses the stolen identity instead of their name during an arrest or investigation to trick law enforcement.
Victims of criminal identity theft may receive arrest warrants or court summons for a crime they did not commit, which can result in a false arrest, loan denial, or criminal activity in a background check or police report.
3. Medical Identity Theft
Medical identity theft occurs when a criminal uses stolen personal data to receive medical care, prescription drugs, and health insurance in the target’s name. This type of identity breach is a serious crime in which false medical data is input for the victim, or medical insurance is exploited.
Victims of medical identity theft may receive large hospital bills, false prescription history, or get the wrong care prescribed to them at a later date, which can be a deadly ordeal.
4. Child Identity Breach
Child identity theft involves the fraudulent use of a child's identity to commit crimes or falsely impersonate a fresh identity. Most cases are committed by a close family member, relative, or friend due to their easy access to the child’s personal information.
Child identity breaches can happen for two main reasons:
- Children often do not have a financial or criminal history, making it easy for criminals to create or steal a new identity to commit fraud.
- Many cases of child identity breaches aren’t detected until they are closer to adult age when they apply for jobs or new credit card accounts.
It’s generally good practice to use free credit score monitoring reports to habitually check if any form of identity breach has occurred for any children in the household.
5. Synthetic Identity Theft
Synthetic identity breach is a type of fraud in which criminals combine real and fake personal information to create a fictional identity. Using a combination of real SSNs and fake names and birthdays, criminals can use those to open new accounts and take out loans.
This type of fraud is increasingly more prevalent because it’s one of the most difficult for organizations and law enforcement authorities to detect. The most common victims are children and senior citizens who don’t use their SSNs or check their credit scores that often.
6. Taxpayer Identity Breach
Taxpayer identity breach includes tax identity theft and IRS (internal revenue service) scams in which fraudsters use the victim’s SSN to file a tax return and steal the tax refund or credit. To combat this, some states have implemented six-digit PINs to their citizens’ IRS records for additional security.
Victims may notice signs of a taxpayer identity breach if they can’t file their tax returns, receive a tax receipt in the mail, or if their online tax account has been accessed. Any signs of an identity breach should be immediately reported to the IRS.
7. Account Takeover
Lastly, an account takeover is when hackers use personal data to gain access to a victim’s critical accounts, like their email accounts, bank accounts, or cryptocurrency accounts. They may use brute-force attacks, password-cracking tricks, or phishing attacks to successfully steal user information.
Two-factor or multi-factor authentication is highly recommended for everyone to implement to prevent this from happening. Creating strong passwords is also extremely important to prevent threat actors from easily guessing passwords.
Common Identity Breach Methods
Identity breaches and ID thefts occur in many ways, usually through poor data security practices or carelessness from the victim. They can occur through physical and digital means, which means that it’s important to properly dispose of old hardware and secure current software for maximum protection.
Some physical methods in which identities are stolen include:
- Stolen wallets, purses, packages, or mail
- Unwiped, discarded hard drives
- ATM skimming
- Non-shredded bank statements, tax documents, or other sensitive mail from trash
However, most data is stolen through digital methods today, including:
- Malware attacks exploit system vulnerabilities like outdated or poorly written software to infiltrate computer systems. These attacks can also take place through email attachments, which infect the computer and network if opened by unsuspecting users.
- Ransomware attacks are used by criminals through malware to hold sensitive data at ransom until a significant fee is paid. Ransomware can affect individuals and large organizations equally.
- Phishing attacks are social engineering attacks used by hackers to steal identities by tricking users into exposing their personal information. They can send fake emails or text messages impersonating others or trick users into clicking infected links to steal data.
- SQL injection (Structured Query Language injection) is a type of cyber attack that exploits weaknesses in database-driven apps and unsecured websites. Identity thieves can easily access sensitive information in the database by injecting SQL commands in the website’s search engine or user input.
- Brute-force attacks use password-cracking software to attempt to guess the most common passwords until it is successful. Accounts with easier passwords to guess are often the victims of identity breaches.
- The dark web is a common place for criminals to purchase stolen data from a data breach.
Common Signs of an Identity Breach
If you think that you might be a victim of identity theft, there are a few warning signs that will alert you of potential fraud. These can include:
- Unauthorized withdrawals and charges on your credit card statements
- Suspicious activity on your email, banking, or social media accounts
- Finding out via email or identity theft protection services that your information is a part of a recent data breach report
- Communication from unrecognized individuals that make odd requests or demands
- An unrecognized account opened under your name
What to Do if My Identity Has Been Stolen
If you think that you might be a victim of identity theft, you should immediately:
- Contact your local or state fraud department and report identity theft to the FTC (Federal Trade Commission) via IdentityTheft.gov, and the Office of Inspector General
- Contact your credit card companies, financial institutions, and other payment processing platforms you have and inform them of the identity theft
- Freeze all of your accounts and change all of your passwords, login credentials, and debit card PINs
- Place a fraud alert by contacting at least one of the three major credit bureaus like Experian, TransUnion, or Equifax
The FTC will advise you with a personal recovery plan and identity theft protection services after the identity theft has occurred. They will aid you in correcting any false personal information.
Additionally, you can contact your major credit bureaus and ask them to monitor your free credit report regularly to prevent any other illicit activities on your card.
